This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I'm using Azure AD Premium P2, and also Hybrid Synched OnPremise AD DS to Azure AD with Azure AD Connect (PHS).
I need to enable specific team members that is in specific AD security group to have the 2FA/MFA enabled.
Total Number of users 1000+ spread geographically around the world.
Current Limitation is, MFA/2FA can only be enabled by Global Admins, which is just 4 people across the regions.
How can I achieve this with Conditional Access Policy in Azure by adding the specific users to the AD security Group called 'Secured Users Group' ?
I need some steps and the guidance in this, so that the Global Admins do not need to manually enable 2FA/MFA one by one.
Just use the "group" condition, if you need step by step instructions check here: https://learn.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-azure-mfa?toc=/azure/active-directory/conditional-access/toc.json&bc=/azure/active-directory/conditional-access/breadcrumb/toc.json