Azure Active Directory Tutorial | How to set up MFA for guest users
HTML-код
- Опубликовано: 26 июл 2024
- Azure Active Directory Tutorial | How to set up MFA for Guest users
In this video, I show you how to set up an Azure Active Directory Conditional Access policy to enforce Guest users to Multi-factor authenticate. We will also look at the end-user experience before the MFA policy and after so you can fully understand the process.
Agenda:
0:00 Intro
1:13 Setting the scene - Review Azure AD and Microsoft Teams
3:09 Add a guest user to a Team in Microsoft Teams
6:42 Create Conditional Access Policy to enforce MFA for guest users
10:39 Guest experience setting up MFA and logging in
12:49 Outro
//Disclaimer
As full disclosure, I work at Microsoft as a full-time employee.
//Tags
#Azure #AzureAD #AzureCA #AzureMFA #MicrosoftTeams Наука
Thanks for also covering the guest user experience in the overview (this is rarely covered in most MVP overviews).
Welcome!! Glad the video helped.
You continue to provide great insights! Keep it up!
Thanks! I certainly will.
I hope this video helps you get your guest users set up for Multi-Factor Authentication.
0:00 Intro
1:13 Setting the scene - Review Azure AD and Microsoft Teams
3:09 Add a guest user to a Team in Microsoft Teams
6:42 Create Conditional Access Policy to enforce MFA for guest users
10:39 Guest experience setting up MFA and logging in
12:49 Outro
Great demo.. Nice and clear 😁
Thanks Tom - glad it was helpful :) let me know if there are any other topics you would like me to cover.
Have my subcribe, concise and to the point keep it up.
Thanks Kavesh, means a lot! I certainly will! Let me know if there is any topic I can help you out with.
Thanks for the info
Thanks for watching!
Thank You Harry
Glad it was helpful!
This was a good, clear demo with a GMail account. I didn't notice an option to have a code sent to a different method than that orginally created with a phone number. What if the mobile phone number is no longer available for MFA? Would also love to see a demo of guest access with a Microsoft account of another tenant, that is more confusing. Thanks.
The tenant admin can change the mobile number for that user in Entra admin center (formally Azure AD).
Hi Harry. Followed this video on enforcing MFA for guest users and working well for all new accounts created as Guest, not on the existing guest user account before enforcing MFA...FYI - Accounts are already added to Dynamic Security used on conditional access....... let me know if you have any solution on above
Is there a method how to disable MFA for guest users?
And no new AAD user gets added?
Paolo - thanks for the comment. For AAD users you can create a separate conditional access policy. A lot of orgs have conditions for employees that you may want to exclude for guests for example risk-based MFA