Microsoft Entra admin center
=> Entra ID - Authentication methods
=> Software OATH tokens
=> Set Include Groups
=> Entra ID - Authentication methods
=> Settings
=> System-preferred multifactor authentication
=> Add Groups to Exclude will make the members can set Default sign-in method
Browse "Security info" of Shared Account (https://aka.ms/mfasetup)
=> Add sign-in method
=> Choose Microsoft Authenticator
=> I want to use a different authenticator app
=> Finish the setup with OTP App you want to use (Microsoft Authenticator will do)
*. You may want to change the "Default sign-in method" from "App based authentication - notification" to "App based authentication or hardware token - code" to avoid high App Notification frequency.
*. If you see "Microsoft Authenticator - notification" instead of "App based authentication - notification" and "Sign-in method when most advisable is unavailable" instead if "Default sign-in method" on the "Security info" page, you might have forgotten to follow the second section of the Microsoft Entra Admin Center.
沒有留言:
張貼留言