MFA Shows Disabled, But Being Used
When I visit Azure Active Directory -> Users -> Multi-Factor Authentication, our initial accounts show "Multi-Factor Auth Status" as "Disabled", but we are seeing MFA prompts. I find it confusing that something shows "disabled" that is really turned on somehow??? Is there more than one type of MFA? We just received a trial for G1 as part of building a use case for moving to Office 365. I setup the tenant space by confirming our identity and I am a Global Administrator. I was prompted to setup MFA on my second logon, but I don't recall being offered any option other than text message. My understanding is that I had to turn on MFA for our accounts so I just setup SMS to get logged on the second time.Office 365 MFA Enabled Users and the Apple Mail app for iOS Concern
Office 365 MFA and the Apple Mail app for iOS concern? We ourselves and several customers using Office 365 have noticed a recent issue with the Apple Mail app for iOS when Office 365 MFA is enabled. When users are out of a known or trusted location and required to MFA to sign in or access Office 365 resources the Apple Mail app for iOS is asking for the user's password. This should NOT happen if MFA is enabled and an App Password has been created to be used for the Mail app. The Mail app then prompts the user to enter their Office 365 password which confuses the end user because they try to re-enter the generated App Password which it then fails to sign in because it actual requires the user's standard password. Has there been recent changes to that platform and the Apple Mail app for iOS? I'm thinking that Apple finally updated the Mail app to support modern authentication, if so why hasn't documentation for it been updated? I can see that Apple introduced the capability in 11.0 but we could not get it to work out of the gate and found it to be NOT 100% reliable. So if they finally got this to work in the latest release of iOS what is the recommendation? Have all the current users update their passwords in the app from the App Password to their standard password or can we continue to use the App Password? We have noticed the increase in support requests from customers about this issue in the past 2 weeks or less.
Send Mail (SMTP) through Office 365 with MFA
We have a web server that needs to be able to send emails as users (FROM field); however, we have noticed that if the user account is protected with MFA, the message is rejected. Has anyone been able to get this working? I found a work around by using an account that does not have MFA then adding that account as a delegate of the sending user, but that seems a bit extensive. In our scenario, web server sends a message showing it comes from a sales rep, that is populated dynamically on the web server. It uses CFMAIL (same rules as say PHPMailer) and uses the FROM field as the sales rep. That is handled off in this case to Office365 to send emails. Actual Error: Diagnostic-Code: smtp;550 5.7.60 SMTP; Client does not have permissions to send as this senderAzure MFA "Activation Failed" error with Microsoft Authenticator App
We've opened a premier ticket, but has anyone in the community seen this error before? We've got a few users that can't set up the Microsoft Authenticator app, and nothing we do is working. This is rolling out to all of our users overnight tonight, and none of our global testing has run into anything like this.
Multi-Factor Authentication for people without a Smart Phone?
Howdy, We have a couple people who don't have Smart Phones and need to use MFA. We don't want to use a simple Text Message if we can and prefer to use something a bit more secure. I found there is an Authenticator App for Windows 10 but it doesn't seem to work with O365 accounts. Are there any sort of keyfob dongle or USB dongle thing that work with Office 365 that we can get for people who don't have smartphones? I've used the kind where the number on the fob changes every minute just like an authenticator app would but that was many years ago. If anyone knows something we can use to make this work, let me know. Thanks!
