Microsoft Tech Community

Conditional Access Policy for MFA for Guest is flagging non-guest users

Hello,

We recently enabled a conditional access policy for MFA for Guest Users. We have a hybrid environment, but some of our new users only have Azure AD accounts, since they have no reason to be associated with our on-premises AD. It appears that this Guest MFA conditional access policy is being applied to non-guest users if they are only found in Azure AD and not on prem.

I guess the question is, why is this policy not ignoring "User" types in

5 Replies
Can you share a screenshot of your CA policy settings?

@eliekarkafy Absolutely. There are no exclusions. I even included the activity details for the user when logging in. Appreciate the help.

[Screenshots attached: CA policy settings and sign-in activity details]


@MikeThor Can you please recreate the conditional access policy using the template below from the CA blade? Make sure also that you don't have another CA affecting the member users.

[Screenshot: CA policy template]

Also double-check that your member users don't have per-user MFA enabled.


Regards, 

Elie
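
One way to carry out the "another CA affecting the member users" check offline, as an added example that is not part of the thread: it evaluates an exported policy list against a single user and reports which enabled policies would require MFA. Field names follow the Microsoft Graph `conditionalAccessPolicy` resource; the policies, user records and the `external` flag are constructed for illustration, and only the users condition and grant control are evaluated.

```python
# Added example (not from the thread): which exported Conditional Access
# policies require MFA for a given user? Apps, roles, locations and the
# excludeGuestsOrExternalUsers condition are ignored here (assumption).

def guest_category(user):
    """Map a user to a Graph guestOrExternalUserTypes value; None = internal member."""
    external = user.get("external", False)  # hypothetical flag: homed in another tenant
    if user["userType"] == "Guest":
        return "b2bCollaborationGuest" if external else "internalGuest"
    return "b2bCollaborationMember" if external else None

def user_in_scope(user, cond):
    """Evaluate conditions.users: exclusions win, then explicit includes, then guest scope."""
    groups = set(user.get("groups", []))
    if user["id"] in cond.get("excludeUsers", []) or groups & set(cond.get("excludeGroups", [])):
        return False
    include = cond.get("includeUsers", [])
    if "All" in include or user["id"] in include or groups & set(cond.get("includeGroups", [])):
        return True
    category = guest_category(user)
    if category is None:          # cloud-only or synced member: guest scope never matches
        return False
    guests = cond.get("includeGuestsOrExternalUsers") or {}
    types = [t.strip() for t in guests.get("guestOrExternalUserTypes", "").split(",")]
    return "GuestsOrExternalUsers" in include or category in types

def mfa_policies_for(user, policies):
    """Names of enabled policies whose grant controls include MFA and that target the user."""
    hits = []
    for p in policies:
        controls = (p.get("grantControls") or {}).get("builtInControls", [])
        if p.get("state") == "enabled" and "mfa" in controls \
                and user_in_scope(user, p["conditions"]["users"]):
            hits.append(p["displayName"])
    return hits

# Constructed sample export
GUEST_SCOPE = {"includeUsers": [], "includeGuestsOrExternalUsers":
               {"guestOrExternalUserTypes": "internalGuest,b2bCollaborationGuest"}}
ALL_SCOPE = {"includeUsers": ["All"], "excludeGroups": ["grp-breakglass"]}
def _policy(name, state, scope, control):
    return {"displayName": name, "state": state, "conditions": {"users": scope},
            "grantControls": {"builtInControls": [control]}}
POLICIES = [_policy("Require MFA for guests", "enabled", GUEST_SCOPE, "mfa"),
            _policy("Require MFA for all users", "enabled", ALL_SCOPE, "mfa"),
            _policy("Block legacy auth", "enabled", ALL_SCOPE, "block"),
            _policy("Guest MFA (report only)", "enabledForReportingOnly", GUEST_SCOPE, "mfa")]
MEMBER = {"id": "u-member", "userType": "Member", "groups": ["grp-staff"]}
GUEST = {"id": "u-guest", "userType": "Guest", "external": True}
```

With this sample, the member is never in scope of the guest policy; the MFA prompt comes from the second, tenant-wide policy.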

@eliekarkafy The re-creating of the policy seems to do the trick. It is now bypassing the policy.

Appreciate the help.

@MikeThor 

Please click Mark as Best Response & Like if my post helped you to solve your issue. This will help others to find the correct solution easily.