Azure AD Connect required?

Wil 21 Reputation points
2021-06-30T15:42:50.057+00:00

Verbiage on the below link seems to imply Azure AD Connect is a requirement (prerequisite) to enable MFA in Azure AD if using "Hybrid identity scenarios". We use AD DS on-premises and Azure AD for Microsoft 365 resources. We want to continue in the same configuration (separate passwords, not synced), and enable MFA for Azure AD. What are the pitfalls of enabling MFA and bypassing Azure AD Connect?

https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted#plan-user-rollout

Microsoft Entra ID

1 answer

  1. Vasil Michev 95,081 Reputation points MVP
    2021-06-30T19:18:27.71+00:00

    Well, how are you synchronizing the users to Azure AD, if at all? Hybrid generally means you are using directory synchronization (password sync and other features are not required), thus the need for AAD Connect. You don't technically need it to enable MFA for objects that already exist in Azure AD, either created as cloud-only or synced.
