A new feature currently in preview for Azure AD is Conditional Access Policies (CAP) using pre-built policies. It is available to organizations with Azure AD Free (pretty much everyone who has Azure AD Connect enabled). Admins can now make use of four conditional access policies. The four policies are:
- Require MFA for admins
- End User Protection
- Block Legacy Authentication
- Require MFA for Service Management
For this article, I’ll go over how to enable the second policy, End User Protection, which forces all users to register for MFA (within 14 days) and forces an MFA check during “risky situations.”…