Another question. So, we are starting to go down the MFA and Intune route and need some help.
We are using the MS Authenticator App on our mobile phone fleet (iPhone) and have run in to a curly issue. We use Apple DEP so that as soon as a new phone, or existing iphone is wiped it automatically downloads the company portal app, runs it and prompts the user to log in with their email address.
Our issue is that if that user has MFA configured they are NOT able to get past the point where they either have to go to the MS Authenticator app to approve, try the TXT method or phone call (you can see the call showing but you are unable to actually accept the call).
The only way we have found to get around this is to disable the users MFA in the O365 admin portal, get them to sign in to the company portal app on their phone to complete the enrolment then reenable their MFA and get them to re do the MFA process.
Is the above correct or are we missing something obvious?