question

JackPoston-8240 avatar image
0 Votes"
JackPoston-8240 asked MarileeTurscak-MSFT edited

Azure AD join a device without MFA

I'm trying to set up a new surface for an employee and when I go to Azure join the device with his account it want's me to enter 2fa info like a phone number. I have no active CA policies, Security Defaults are off, and not legacy MFA or per user MFA is on for this user. How do I turn this off temporarily so I can get his machine set up and ready for him and then later turn MFA back on?

azure-ad-multi-factor-authentication
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered MarileeTurscak-MSFT edited

Is it possible that you have "Require multi-factor authentication" for device enrollment set? https://docs.microsoft.com/en-us/mem/intune/enrollment/multi-factor-authentication

You can check in the Microsoft Endpoint Management admin center whether MFA is required for device enrollment and then disable that setting/policy.


· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

That was it.
Thank you.

1 Vote 1 ·

Yay! Glad that worked. I will convert that comment to an answer then.

0 Votes 0 ·