Cannot configure MFA even after acquiring Azure AD Premium P1 license

Question

I am trying to configure two-factor authentication for a specific set of users from a particular location.

For that, I recently purchased Azure AD Premium P1 license and I'm the global admin of my azure account.

But the issue is, even after doing all these, I am unable to configure conditional policy and it is showing as disabled for me.

I am not understanding what setting is really needed here. Is there any other way to configure MFA to users other than conditional access?

Or do I need any specific permission to make it possible?

score 2 · Accepted Answer · answered Jun 29 '22 at 11:32

With Azure AD Premium P1 license, you can configure conditional access like below:

Please try assigning Security Administrator role and note that it may take a few hours to reflect.

To configure MFA for specific set of users from particular location, create one user group and one named location based on your requirements like below:

enter image description here

Create a new conditional policy like below:

enter image description here

In conditions select location and choose named location you created like below:

enter image description here

In Grant, select required MFA and create like below:

enter image description here

For more in detail, please refer below links:

Enable Azure AD Multi-Factor Authentication - Microsoft Entra | Microsoft Docs

Azure Conditional Access can't Include or Exclude users (spiceworks.com)

As you said, after granting the Security Administrator role, it activated late. The next day I am able to configure CA. Thanks for the info — , Jul 01 '22 at 02:18

Cannot configure MFA even after acquiring Azure AD Premium P1 license

1 Answers1