question

WILSON3838 avatar image
0 Votes"
WILSON3838 asked

Azure AD Connect required?

Verbiage on the below link seems to imply Azure AD Connect is a requirement (prerequisite) to enable MFA in Azure AD if using "Hybrid identity scenarios". We use AD DS on-premises and Azure AD for Microsoft 365 resources. We want to continue in the same configuration (separate passwords, not synced), and enable MFA for Azure AD. What are the pitfalls of enabling MFA and bypassing Azure AD Connect?

https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted#plan-user-rollout

azure-ad-connect
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

michev avatar image
1 Vote"
michev answered JamesTran-MSFT commented

Well how are synchronizing the users to Azure AD, if at all? Hybrid generally means you are using directory synchronization (password sync and other features are not required), thus the need for AAD Connect. You dont technically need it to enable MFA for objects that already exist in Azure AD, either created as cloud-only or synced.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@WILSON3838
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?

If you have any other questions, please let me know.
Thank you for your time and patience throughout this issue.


Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

0 Votes 0 ·