Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,606 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(195.2, 0%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVM%3C/text%3E%3C/svg%3E)
@Alexander You can test the following policy to verify if it meets your requirement.
It would be easier if you have 2 different policy for this.
1) Require Trusted Locations - Condition
Followed by MFA under grant
2) Require Trusted Devices (If you mean compliant and Hybrid AD Joined)
Under Grant
Please do test them and let us know if it helped.