Azure Active Directory: Included Groups in MFA Enforcement Policy | Voters

Azure Active Directory: Included Groups in MFA Enforcement Policy

submitted

Samuel Pierce

The DisplayName will need to be edited to match the string you use for your MFA enforcement policy, so for Example if yours is called Require DUO MFA the string metric would read Groups[?contains(~.Policies.ConditionalAccess[?displayName ==

Require DUO MFA

].conditions.users.includeGroups[], id) ].displayName

Groups[?contains(~.Policies.ConditionalAccess[?displayName ==

Enforced MFA

].conditions.users.includeGroups[], id) ].displayName

January 13, 2022