Allow Use of Microsoft Authenticator OTP in Azure AD
Hi All, We wanted to enabled number matching and Passwordless with Microsoft Authenticator app and when I go to there I could see the below setting under configurations. But I wanted to make sure what that setting is and what it the recommended configurations for this "Allow Use of Microsoft Authenticator OTP" before configure in production environment. appreciate if anyone could help me on this. Thanks, DilanHybrid Azure AD join devices MDM set to "none"?
Good afternoon, We have recently upgraded all of our servers and as part of that I'm re-configuring Azure AD Connect for the hybrid environment. Users are syncing properly. Devices, however, seem to fail to be picked up by Intune and thus, MDM. IT is set to "none" and on top of that is not replacing the existing record for the device, so currently there's a Hybrid Azure AD join device and a Azure AD registered record assigned to the user that uses it (myself). I'm trying to use auto-enrollment via GPO, the specific GPO is "Enable Automatic MDM enrollment using default Azure AD credentials". Something I've noticed (and if memory servers me well), is the fact that the generated task in task scheduler is named differently. If I remember correct, the name should match or be similar to that of the GPO, it is now called "Schedule created by enrollment client for automatically enrolling in MDM from AAD". So I'm not too sure if the policy is, for whatever reason, generating the wrong task? At any rate, below is the information of one of the devices: | Device State | +----------------------------------------------------------------------+ AzureAdJoined : YES EnterpriseJoined : NO DomainJoined : YES DomainName : DOMAIN SSO State | +----------------------------------------------------------------------+ AzureAdPrt : NO AzureAdPrtAuthority : EnterprisePrt : NO EnterprisePrtAuthority : I'm aware that AzureAdPrt is set to NO, but I understand that isn't an issue if you are trying to enroll via default user credentials? (Correct me if I'm wrong). As for Intune, auto-enrollment is activated for everyone and anyone with the correct license. It has been a while since I last worked with this and perhaps I'm missing something obvious, but having look at Microsoft's docs and following some of the trouble shooting advice, I cannot see anything wrong with my setup. Please, if you need any more information do let me know. Thank you
Microsoft Edge on iOS and Android now supports conditional access and single sign-on
Microsoft Enterprise Mobility + Security (EMS) is excited to deliver Azure Active Directory conditional access protection for Microsoft Edge on iOS and Android. This integration expands the Microsoft Intune management capabilities as you deploy Microsoft Edge for the best browsing experience across all endpoints in the enterprise. Users get easy, secure access to Office 365 and all your web apps that use Azure Active Directory, with the same application management and security capabilities that previously required Intune Managed Browser.
