I'm using Azure AD Premium P2, and also Hybrid Synched OnPremise AD DS to Azure AD with Azure AD Connect (PHS).
I need to enable specific team members that is in specific AD security group to have the 2FA/MFA enabled.
Total Number of users 1000+ spread geographically around the world.
Current Limitation is, MFA/2FA can only be enabled by Global Admins, which is just 4 people across the regions.
How can I achieve this with Conditional Access Policy in Azure by adding the specific users to the AD security Group called 'Secured Users Group' ?
I need some steps and the guidance in this, so that the Global Admins do not need to manually enable 2FA/MFA one by one.