Is a Digipass Go 6 compatible with MS MFA
I'm trying to setup a bunch of Digipass go 6's that my company has for some users. https://www.onespan.com/sites/default/files/2019-08/Digipass-GO6_tcm42-47370.pdf These are Duo branded hardware tokens. Is it possible to set them up with MS MFA instead of Duo https://duo.com/docs/administration-devices#managing-otp-hardware-tokens https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-oath-tokens The part I have yet to find is the base-32 secret.
Preventing use of third-party authenticators with Azure MFA
Question about preventing use of third-party authenticators for Azure AD MFA: In Azure AD Authentication Methods, we currently have Third-party software OAUTH tokens limited to a specific group of users. We also have Allow use of Microsoft Authenticator OTP turned ON in the Microsoft Authenticator configuration. Finally, we are in 'migration complete' mode, with all of the legacy MFA settings disabled. When users who are not in the specific Third-party software OAUTH token group I mentioned above are prompted to set up MFA, there is a link to 'I want to use a different authenticator app', which they can choose and set up any third-party authenticator app. Is there a setting I'm missing here to prevent use of third-party authenticators?Enable end-user notifications to specific security activities (MFA addition)
One thing I've bugged our Microsoft representation for is a setting to allow tenant admins to set policies to notify end users when rare security events happen - i.e. someone added an MFA token to their account. Not sure the right place to do this - via email or via Authenticator, but you could also capture the user response (i.e. click "do not recognize if you did not perform this action"). I can't think of other events that you'd want to do this with other than perhaps really egregious impossible travel events.
Why is it so hard to get a device in Intune!!!!
I have devices on my network all around the world , we have some devices that are still AAD not all hybrid joined. I want to force to be add to Intune. There is so much docs, with examples, that dont work. Here is the scenerio, laptop that is in Azure or connects to Network via VPN. How do I force it to be in Intune, GPOs are setup , everything is correctly setup. But we still have issues, from laptops are seen in azure but cant managed,etc . Is there way to force a laptop to be connected and access intune. e.g Powershell, etc.
