Azure AD MFA for SharePoint Server Sites

Question

Hi All,

We have a customer who has a SharePoint Server 2019 installation in Azure VM which is domain joined to Azure AD. There is no Windows AD present. As per new security rules, they are trying to enable MFA for SharePoint Sites so that whenever the user(Azure AD) access the sites, they get MFA prompt. Though MFA access is enabled through Security Defaults, we don't get any prompts for multi-factor authentication.

We also tried to set up Azure AD as a Trusted Identity Provider in SharePoint and added SSL trust relationships and we had no luck.

Please guide us with some inputs.

Thanks in Advance

Answer 1

@Priyaranjan Sathyavrathan Thanks for reaching out.

Security default does not prompt for users every time they log in. They will be prompted primarily when they are coming from a new Device or application or performing critical roles and tasks only.

Security defaults make the following admin perform MFA everytime they login :
Global administrator
SharePoint administrator
Exchange administrator
Conditional Access administrator
Security administrator
Helpdesk administrator
Billing administrator
User administrator
Authentication administrator

So the behavior you are seeing is expected for most of the scenarios.

-----------------------------------------------------------------------------------------------------------------

If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.