This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 30%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EG%3C/text%3E%3C/svg%3E)
I’ve completed the migration form the per user legacy MFA controls to Azure using this guide How to migrate to the Authentication methods policy - Microsoft Entra | Microsoft Learn
But once that’s completed and MFA is enforced by the conditional access policy, on the legacy per user MFA page should I leave everything as is until it goes away, or does it not matter what I set there anymore?
I created a new test user and left the per user setting alone to verify the CAP was working and it prompted to enroll as expected.
The experience depends on the "mode" you've selected. If you have toggled it to "Migration complete", only the Auth method policies will be in effect going forward. The configuration in the old MFA portal will remain as is, no need to change anything therein.
Ok, that makes sense. So if I change a user's status in the legacy portal from "enforced" to "Disabled", it has no effect, right? Just wanted to clear that up.