If you licensed for it ( P1)
You would need to disable the Security defaults , then the recommendation is to create a conditional access policy that excludes the users you do not want to MFA:
No MFA With Enabled Security Defaults For Particular (guest) User
We have two Azure tenants, in one Security Defaults is without MFA, in the other one it is with MFA. Basically in one tenant Security Defaults is enabled and in the other one it isn't.
Now, when a user form the tenant where MFA is not required (and it has no MFA enabled) is invited as a guest into the tenant where MFA is required, it looks like this user has to setup and use MFA for the login on that tenant (switch directory), correct?
How can I disable MFA for this particular (as a guest user) in the tenant where MFA is enforced?
When I am looking at per-user MFA page in the Admin Portal for all users Multi-Factor Auth Status is set to disabled for everyone, but I'm assuming this does not apply if the default is MFA (security defaults are enabled), based on default security defaults.
kind regards,
Dieter Tontsch
-
Andy David - MVP 151.2K Reputation points MVP
2023-01-04T14:51:48.427+00:00