Avatar of dougdog
 asked on

365 MFA roll out problems and best practice

advice on configuring and using 365 MFA
We are currently testing MFA
We have an issue where when a user changes their password or when they are getting prompted for MFA
Multiple Applications are popping up asking for MFA
sometimes the user gets so many prompts they are entering the wrong code
so when a password is changed or the policy is changed
outlook pops up looking MFA
Skype pops up looking MFA
SharePoint Online Pops up looking MFA
We are also using ADFS and sometimes the federated login can get in a loop asking users to sign in repeatedly
I seen an article about caching but i think this may be only related to MFA on prm server
Im just looking advice and best practice on getting MFA rolled out to all users with as little pain as possible
Microsoft 365AzureSecurity

Avatar of undefined
Last Comment
Vasil Michev (MVP)

8/22/2022 - Mon

Have you enabled modern authentication for exchange online, skype for business?
Enable it and ensure that you will enable mfa only for those users who have latest office software installed like O365, office 2016 or 2013 sp1 with latest patches

You can search experts-exchange.com for modern authentication and you will find lots post

looking to hear from people using it
why would it be popping up multiple times etc
how did people find implementing it
Your help has saved me hundreds of hours of internet surfing.

If u have not enabled modern authentication you will face issues after u enabling mfa
However modern authentication itself have its own requirements
Hence at start i asked you question.. But you didn't answered that
Vasil Michev (MVP)

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question

we have modern auth turned on for exchange and skype
does the caching work with cloud mfa or is it on prem mfa
was confused by the mfa server settings in the azure portal
Vasil Michev (MVP)

Works for both. The settings you should be looking at are the ones in the O365 portal: https://account.activedirectory.windowsazure.com/UserManagement/MfaSettings.aspx?culture=en-US&BrandContextID=O365
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.

we do use adfs
sometime i notice  outlook can get in a loop and keep prompting for codes
does caching work with the cloud though?
is it a good idea to remember devices and skip if users are federated
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.