during our project to get users configured in Azure MFA we have gone in to the o365 admin center - users - active users - multifactor authentication, finding the user and enabling MFA so they get the 'more information' screen to setup their ms authenticator app so their mfa status shows as 'enforced'.
however, some users didn't go through that process instead went to aka.ms/mfasetup. After they configure MFA their user account in the o365 admin center - users - active users - multifactor authentication still shows them as 'disabled'. Our issue is that we something have to remove their MFA (ie disable) but are unable to as their status is already 'disabled'.
we are unable at this stage to use conditional access so were wondering if there was a way out there for this to be done