Hi @Barnes, Richard ,
Thanks for your post! I understand that your users are still receiving prompts for MFA, even though you have disabled security defaults and excluded those users from the conditional access MFA policy. There are a few things I would check to troubleshoot this.
1) Under "Manage security defaults" when you fill out the survey to disable security defaults, make sure that there are no errors that pop up when you click "Save."
2) MFA may have already configured for some users and set up while security defaults was enabled. If this is the case, you can disable it in the Microsoft 365 admin center (ttps://admin.microsoft.com/#/users).
Go to Users ** > **Active Users and select Multi-factor authentication. Then select the user you want to disable MFA for.
3) Conditional Access requires the Premium P1 license and you need that to include or exclude users or groups, so I would confirm that you have the right number of licenses assigned.
If none of these scenarios apply to your situation, feel free to let me know and we can further troubleshoot over email or get a support case enabled to look into your tenant setup.
-
If the information provided was helpful to you, please remember to "mark as answer" so that others in the community with similar questions can more easily locate a solution.