Forum Discussion
MS managed CA for all users MFA
Hi experts,
I have been doing some revision of MFA in our organization and noticed something that I cant figure out.
I have the MS managed CA created "Multifactor authentication for per-user multifactor authentication users", and it is in ENABLED mode... All fine... no issues... However, I have noticed that it is covering only 50 users out of 65 total/licensed user in our organization. The CA is applied to "Users/Groups" which is not possible to edit (only for "exclude" option can be modified).
Wondering - why... how the users were selected? Why I have users missing there? For example, my account is not there either.
PS: I am using the LEGACY MFA.... not migrated to MS Entra yet.
I plan to migrate to MS Entra MFA these days so would like to understand the above so that all users have MFA enabled and REQUIRED after migration
Thank you.
- This policy should map to the user you've configured for per-user MFA in the legacy portal. There are some limitations though as detailed here: https://learn.microsoft.com/en-us/entra/identity/conditional-access/managed-policies#multifactor-authentication-for-per-user-multifactor-authentication-users
VasilMichev ... thank you for response. Checking the limitations - none should apply to us. I also double checked that missing user have Legacy MFA enabled..... Lets see... will migrate and see if it solves the issue
