Jun 07 2018 03:32 PM
Quite a while ago, it was recommended to have a generic account for Office 365 to act as a sort of last resort if the regular synced accounts fail to login for some reasons.
Anyone know if this is still recommended and what the recommendation would be regarding enforcing MFA for this account.
Does Microsoft recommend an organisation keep a generic account in O365 with Global Admin privileges to get access to tenancy in worst case scenarios e.g. ADFS is down so regular federated accounts can't login, MFA is down again regular MFA enforced accounts can't login etc.
Jun 07 2018 11:57 PM
SolutionIf you are using AD FS, yes it's recommended to have at least one cloud-only GA. Make sure to protect it via MFA though, or at the very least configure an Conditional access policy to require MFA on "unknown" locations.
Jun 09 2018 03:38 AM
Jun 07 2018 11:57 PM
SolutionIf you are using AD FS, yes it's recommended to have at least one cloud-only GA. Make sure to protect it via MFA though, or at the very least configure an Conditional access policy to require MFA on "unknown" locations.