Sep 19 2024 07:12 AM
Hello,
We have MFA enforced for all employees through Conditional access. Recently, we started enrolling our company laptops (Windows and Mac) to Intune and also setup 'Windows Hello for Business' as a login method. I noticed that after the enrollment, the user sign in attempts are showing as 'single factor authentication' in the Entra ID sign in logs. Also, it says that there's no conditional access policies getting applied even though we have several CA policies about MFA, session controls etc.
I did some research and found out that this is due to Windows Hello for Business. My question is, what is the right course of action here? I'm getting messages on the CA policy page that the users are logging in without any policy coverage which concerns me a bit even though I know we have all the policies set in place.
Any advice would be appreciated.
Sep 20 2024 11:43 AM