![]() Though this dialog lists 192.168.1.0/27 three times, if you click on this dialog in the per-user MFA service settings page, these values disappear (and they should be public IP addresses anyway if in use). ![]() The settings for per-user MFA include a list of IPs that MFA can be skipped from, and this list is empty by default: The Per-User MFA Trusted IPs The source of this data comes instead from the legacy, or per-user MFA settings that should now not be used (instead use Security Defaults or Conditional Access). This location is selectable as a location in the Conditional Access rules, but is not a location you can configure in the Named Locations area of Azure AD Security. That legacy MFA stuff is going to go away soon (as is the separate configuration for SSPR). The location selected in the above is “Multifactor Authentication Trusted IPs”. From Azure AD, go to Security > Multifactor Authentication, then click on 'Additional cloud-based multifactor authentication settings' to get to the legacy MFA portal. ![]() This short blog post outlines what this is.Īs an example of the use of this location, it could be used as follows in Conditional Access: Selecting a Location in a Conditional Access Rule ![]() In Azure AD for location based conditional access rules you can select “Multifactor Authentication Trusted IPs” as a location. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |