cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Conditional Access Policy / MFA - Bypass

Steve Goett
Copper Contributor

‎May 12 2017 02:58 PM - last edited on ‎Jan 14 2022 05:32 PM by

‎May 12 2017 02:58 PM - last edited on ‎Jan 14 2022 05:32 PM by

Conditional Access Policy / MFA - Bypass

We have been testing some conditional access policies requiring MFA when a user is off premise. One of our test users accidentaly removed the Microsoft Authenticator from their mobile device, and unfortunately we can't re-enroll a new mobile device as the access policies require MFA. I've tried using the one-time bypass in the Microsoft MFA port within the classic portal, but it's not working. Is that the only way to provide a one time bypass to a user? Is there another way to re-enroll the user in MFA? We eventually just removed them from the conditional access policy as a work around right now. But looking for options. 

 

Thanks, 

 

Steve

6,812 Views
0 Likes
1 Reply
Reply
1 Reply
Vasil Michev

‎May 13 2017 11:52 AM

‎May 13 2017 11:52 AM

Re: Conditional Access Policy / MFA - Bypass

You can always reset his MFA status, forcing him to go over the "enablement" process and register the new device. If you mean that the network restrictions are causing this process to fail, add the IP address temporary or exclude the user from the conditional access policy.

0 Likes
Reply