Go Premium for a chance to win a PS4. Enter to Win


Disable MFA for activesync and autodiscover for non-ADFS o365

Posted on 2017-10-19
Medium Priority
Last Modified: 2017-11-07
Hi All

We have an o365 environment that doesn't use ADFS but we want to enable MFA to secure our environment. Is there a way to disable MFA from activesync and autodiscover as we do not want to be prompted for the one time passwords when logging on to devices.

Thanks in advance.
Question by:J T
  • 2
LVL 44

Accepted Solution

Vasil Michev (MVP) earned 2000 total points (awarded by participants)
ID: 42336939
No, if you enable/enforce it for the user, it will apply for all applications. Apps that do not support Modern authentication will have to use "app passwords" instead: https://support.office.com/en-us/article/Create-an-app-password-for-Office-365-3e7c860f-bda4-4441-a618-b53953ee1183

You can toy with Conditional access and enable MFA for specific modalities only, but that will also not give you the granularity you want.
LVL 44

Expert Comment

by:Vasil Michev (MVP)
ID: 42357674
If you feel this question wasn't answered or should be closed differently, post an objection. The moderators will review all objections and close it as they feel fit.

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Join & Write a Comment

In this post, I will showcase the steps for how to create groups in Office 365. Office 365 groups allow for ease of flexibility and collaboration between staff members.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question