Summary: When you create new hybrid users, you might want to enable Multi-Factor Authentication (MFA) for them by default.
This article explains how to configure this scenario.
Applies to: Cayosoft Administrator 5.1.0 or later
ID: KB20190313-1
To enable MFA when creating a new hybrid user, you should do the following:
1. Create new "Office 365 Users | Enforce Multi-Factor Authentication (MFA)" rule:
2. Open Query Filters section.
3. In DisplayName/Email starts with set this value: { $usrch = (GetSessionParameter "Office365CreatedUser"); if([string]::IsNullOrWhiteSpace($usrch)){ "nosuchuserinmyorg@myorg.onmicrosoft.com" }else{ $usrch } }.InvokeReturnAsIs()
4. Click Save Changes.
5. Navigate to Home > Configuration > Web Portal > Web Actions > Active Directory > New User.
6. Enable Design mode.
7. Add Office 365 Users | Enforce Multi-Factor Authentication (MFA) rule to Rules to run after this rule section in New User action after New User | Create Office 365 User rule (details see here):
8. Click Edit... button and in the opened dialog set Behavior > Execute if (condition) field to ($MailBoxType -eq 2 -or $MailBoxType -eq 3) -and ((GetSessionParameter "CreatedObjectGUID") -ne $null)
9. Close all dialogs and click Save Changes.
Comments
0 comments
Please sign in to leave a comment.