Forum Discussion
MFA User Group
Hello everyone, I'm new to this group. My first exposure to MS365 Administration happened in October 2023 when a former MSP was paid to move my company's Exchange on-prem to the cloud. I'm putting ...
Depends on what they configured. Assuming they enforced MFA via Conditional access policy, those two groups are likely used to scope inclusions/exclusions for said policy. You can check via the Entra ID portal, here's the documentation: https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-conditional-access-policies
Thank you for the quick response. My Entra ID portal does show 7 conditional access policies but only one, related to Admins, is specified for MFA enforcement. I appears the policies were built as part of the design but no one was added. I will be doing some more home work on this and I think best practice is to maintain the MFA Users and MFA Exclusion groups as some user have left and others have onboarded.
