
How to bypass Azure AD MFA by machine IP address using Trusted IPs?

Anonymous
2020-02-26T08:07:20+00:00

I need to bypass MFA when accessed from a particular machine. I have tried to add the machine IP address to the trusted IPs list, but it doesn't work. It throws the below error when using Connect-AzureAD. When I give the default gateway IP, it works fine.

Connect-AzureAD : One or more errors occurred.: AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '00000002-0000-0000-c000-000000000000'

How can I bypass by the machine IP itself? Or can you explain how this works?


Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.


7 answers

  1. Anonymous
    2020-03-03T15:16:50+00:00

    Hi O365developer,

    We appreciate your update at your convenience.

    Regards,

    Jennifer

  2. Anonymous
    2020-03-01T14:54:46+00:00

    Hi O365developer,

    Glad to hear from you again. To understand your situation better and provide further suggestions, could you please kindly send us some screenshots of the detailed configuration of the conditional access policy for analysis?

    Thanks for your understanding and cooperation. I'm looking forward to your updates.

    Best regards,

    Jennifer

  3. Anonymous
    2020-03-01T04:26:55+00:00

    I have tried these steps. But the problem is the machine's IPv4 address is not recognized. When I add the gateway IP or public IP it works. Am I missing something?

  4. Anonymous
    2020-02-28T10:36:11+00:00

    Hi O365developer,

    Have you tried the steps to see if it helps?

    Regards,

    Jennifer

  5. Anonymous
    2020-02-26T09:55:29+00:00

    Hi O365developer,

    Thanks for posting your question in our forum.

    Regarding your concerns, it is recommended to set up a conditional access policy from the Azure Active Directory UI via the following steps to see if it works:

    1. Sign in to the **Azure AD** portal with the admin account.
    2. Click Azure Active Directory > Security > Conditional Access > click "+" to create a New policy.
    3. Type the name of the policy.
    4. Under Assignments > Users and groups, select the specific users who need to sign in from a particular machine.
    5. In the Cloud apps or actions tab, select all apps or specific apps according to your needs.
    6. In the Conditions tab, click Locations > switch to Yes under Configure, then under Exclude, select Selected locations > MFA Trusted IPs.
    7. Under Access controls, select Grant > Grant access > select the option "Require multiple-factor authentication", and click Save.
    8. Try to sign in from the specific machine to test the result.

    Here are some articles for your reference: 

    Please feel free to contact us if you have any further problems and need further assistance.

    Best regards,

    Jennifer
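
The portal steps in the answer above, scripted with the same AzureAD module the question uses, as an added example that is not part of the original thread or Microsoft's own code. It also flags RFC 1918 addresses, since trusted IP ranges are matched against the public address the sign-in arrives from, which fits the observation in the thread that the gateway or public IP works while the machine's own IPv4 does not. Assumptions: the `Test-PrivateIPv4` helper, the display name, the sample addresses and the user object ID placeholder are illustrative, and `AllTrusted` excludes every trusted location (MFA Trusted IPs included) rather than only the MFA Trusted IPs entry picked in step 6.

```powershell
# Added example, not from the thread. Requires the AzureAD module and an
# existing admin session (Connect-AzureAD).

# Hypothetical helper: $true when an IPv4 address is RFC 1918 private.
# A private LAN address is not the source address seen at sign-in,
# so listing it as a trusted IP cannot match.
function Test-PrivateIPv4 {
    param([Parameter(Mandatory)][string]$Address)
    $b = [System.Net.IPAddress]::Parse($Address).GetAddressBytes()
    return ($b[0] -eq 10) -or
           ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
           ($b[0] -eq 192 -and $b[1] -eq 168)
}

# Constructed sample candidates: a LAN address and a documentation-range address.
foreach ($ip in '192.168.1.25', '203.0.113.10') {
    if (Test-PrivateIPv4 -Address $ip) {
        Write-Warning "$ip is a private address; use the public egress IP instead."
    }
}

# Steps 4-6: users, cloud apps, and the location condition.
$conditions = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessConditionSet
$conditions.Applications = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessApplicationCondition
$conditions.Applications.IncludeApplications = 'All'
$conditions.Users = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessUserCondition
$conditions.Users.IncludeUsers = '<user-object-id>'   # placeholder, not a real ID
$conditions.Locations = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessLocationCondition
$conditions.Locations.IncludeLocations = 'All'
$conditions.Locations.ExcludeLocations = 'AllTrusted' # assumption: all trusted locations

# Step 7: require MFA everywhere the exclusion does not apply.
$controls = New-Object -TypeName Microsoft.Open.MSGraph.Model.ConditionalAccessGrantControls
$controls._Operator = 'OR'
$controls.BuiltInControls = 'mfa'

# Created disabled so the scope of the exclusion can be reviewed before enforcement.
New-AzureADMSConditionalAccessPolicy -DisplayName 'Require MFA outside trusted IPs (example)' `
    -State 'Disabled' -Conditions $conditions -GrantControls $controls
```

Keep the trusted range as narrow as the egress address allows: every host behind that public IP signs in without the MFA prompt for the users in scope.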
