Create azure user groups, give specific accounts permissionto to reset MFA for users in that groups.

Question

question

ZVIOVEKU-5854 asked Feb 6, '22 ricardosolisvillegas-4678 answered Feb 6, '22

Create azure user groups, give specific accounts permissionto to reset MFA for users in that groups.

Hello Team,

Last few weeks I am trying to find solution about MFA delegation, I want to allow specific users permission to reset MFA for specific people/group. There are two kinds of assignment as I found out, Privileged authentication administrator and Authentication administrator. Privileged cant be used, cause It can reset everyone's MFA, including administrator, while Authentication administrator is restricted to do that with admin's account. So how can we create groups add users and assign permission to only members of that group.

azure-ad-multi-factor-authentication azure-ad-group-management

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 1 · 2022-02-06T21:54:10.24Z

ricardosolisvillegas-4678 answered Feb 6, '22

Hello @ZVIOVEKU-5854

Please check this out....

https://docs.microsoft.com/en-us/microsoft-identity-manager/working-with-self-service-password-reset

Try it using what is mentioned on the doc plus MIM settings as well. Finally, I expect that on your groups besides adding members you also add owners to the group itself.

I hope this can address your concern.

5 |1600 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

question