cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Entra Tech Accelerator
Jun 27 2023, 08:00 AM - 12:00 PM (PDT)
Microsoft Tech Community
Find out more
SOLVED

(AAD) I want to force security info registration only for certain users

ajm-b
Contributor

‎Jan 30 2020 10:15 AM - last edited on ‎May 24 2021 03:19 PM by

‎Jan 30 2020 10:15 AM - last edited on ‎May 24 2021 03:19 PM by

(AAD) I want to force security info registration only for certain users

This seems silly but I'm not seeing a way: The bulk of my users won't be licensed for MFA/SSPR, so I only want to force security info registration during logon for users that are assigned one of our AADPP1 licenses. How can I accomplish this?

948 Views
1 Like
3 Replies
Reply
3 Replies
Thijs Lecomte

‎Jan 31 2020 05:45 AM

‎Jan 31 2020 05:45 AM

Re: (AAD) I want to force security info registration only for certain users

@ajm-b 

 

You could create a dynamic group that contains all licensed users and scope the conditional access policies to them: https://365bythijs.be/2020/01/20/creating-a-dynamic-group-with-all-aad-premium-licensed-users/

1 Like
Reply
ajm-b

‎Jan 31 2020 05:55 AM - edited ‎Jan 31 2020 05:55 AM

‎Jan 31 2020 05:55 AM - edited ‎Jan 31 2020 05:55 AM

Re: (AAD) I want to force security info registration only for certain users

@Thijs Lecomtethanks for the feedback! Could you clarify something? So requiring MFA via Conditional Access policy on an account that hasn't yet registered will prompt them to register during their next sign-on instead of just locking them out, correct?

0 Likes
Reply
best response confirmed by ajm-b (Contributor)
Thijs Lecomte

‎Jan 31 2020 06:16 AM

‎Jan 31 2020 06:16 AM

Solution

Re: (AAD) I want to force security info registration only for certain users

Jup! It will require them to register.

You will not lock them out through CA
1 Like
Reply