Hi @JpSmith
Thanks for reaching out to Microsoft Q&A
I'm not sure if I understood your scenario, could you please provide more details?
- How do your users login and MFA to the "protected machines", do they use user/password and then have to enter a one-time code from Authenticator app or other like RSA?
- Are those machines Azure VMs or on-premises servers?
Technically, each user should have their own credentials and MFA methods, so it would be great to have more information about how your environment works.
Thanks,
Fabio