Enforcing MFA/2FA for user with no license assigned under Microsoft Entra ID P2 ?

EnterpriseArchitect 5,036 Reputation points
2024-02-28T03:51:08.25+00:00

I'm using Azure AD / Entra ID Premium P2, as indicated in the Entra portal https://entra.microsoft.com/#view/Microsoft_AAD_IAM/TenantOverview.ReactView

The user account is created from on-premise AD DS and then synced to Entra ID via Azure AD Connect, so it is hybrid.

Could I impose MFA/2FA with Authenticator for these users who have not been assigned any M365 licences? I cannot find any option to assign Azure AD / Entra ID Premium P2 license from the https://admin.microsoft.com/

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,253 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
370 questions
Microsoft Entra External ID
Microsoft Entra External ID
A modern identity solution for securing access to customer, citizen and partner-facing apps and services. It is the converged platform of Azure AD External Identities B2B and B2C. Replaces Azure Active Directory External Identities.
2,740 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,351 questions
0 comments
Accepted answer
  1. Givary-MSFT 30,251 Reputation points Microsoft Employee
    2024-02-28T06:25:32.9966667+00:00

    @EnterpriseArchitect If I understand correctly you want to enable hybrid users (synced from on-premise AD) to enroll for MFA via Authenticator app - to achieve this refer to the steps mentioned here - https://video2.skills-academy.com/en-us/entra/identity/authentication/howto-authentication-passwordless-phone#:~:text=the%20passwordless%20method.-,Enable%20passwordless%20phone%20sign%2Din%20authentication%20methods,-Tip

    Let me know if you have any further questions in achieving your requirement or feel free to post back.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest