Travis I have tried your method and everything works, except the SSPR wizard pops up as soon as I login. Can we control teh Password reset and exlcude break glass accounts?
@@Doctair Hello. I am running into the same issue with SSPR. Wondering if you ever figured this out. On another channel it was suggested that we can turn off SSPR for admin account but it would then be off for all admin accounts which doesn't seam like a very good tradeoff.
@@Kim-tr1fy No I did not yet find a solution as of yet. I am guessing that SSPR is off entirely for tenant in these Videos, as I 've several that all run through it but never get prompted for registering the Cell number.
Thanks, this is exactly what I do when configuring a new Tenant. It's also worth putting a recurring entry into your calendar (eg monthly) to verify that you can logon OK eg that MFA hasn't unwittingly been enabled for the account
I've excluded both of my break-glass accounts from MFA as explained, is there any way to skip the MFA registration that is required for all of our users?
time will come you just need to tell the MS AI to do this exactly for you just say your requirement! GG IT sysadmin jobs lol jusy say "uhmm please create me an emergency access to our azure account so i cant be locked out, make it secured but no MFA, and also notify me every time this account logged in" 5 seconds later... AI: done, i have texted you the account details, anything else?
Thank you for the walkthrough but you didn't address SSPR for Admin accounts. How to do address this?
Travis I have tried your method and everything works, except the SSPR wizard pops up as soon as I login. Can we control teh Password reset and exlcude break glass accounts?
@@Doctair Hello. I am running into the same issue with SSPR. Wondering if you ever figured this out. On another channel it was suggested that we can turn off SSPR for admin account but it would then be off for all admin accounts which doesn't seam like a very good tradeoff.
@@Kim-tr1fy No I did not yet find a solution as of yet. I am guessing that SSPR is off entirely for tenant in these Videos, as I 've several that all run through it but never get prompted for registering the Cell number.
Thanks, this is exactly what I do when configuring a new Tenant. It's also worth putting a recurring entry into your calendar (eg monthly) to verify that you can logon OK eg that MFA hasn't unwittingly been enabled for the account
I've excluded both of my break-glass accounts from MFA as explained, is there any way to skip the MFA registration that is required for all of our users?
exclude it from self service password reset as well
My heart skipped a beat today when I switched my default directory and it kept giving me cookie errors. Until i logged into Entra ID whew !
does this account have to be enabled ?. The company I work for ius pushing for it to be disabled. I'm unsure how yould get it enabled if needed.
I don't believe that would work. Someone would need to log in with and account that has elevated privileges to enable it.
@@Ciraltos thats what I hoped you would say :-), Cheers !!
Good stuff
time will come you just need to tell the MS AI to do this exactly for you just say your requirement! GG IT sysadmin jobs lol jusy say "uhmm please create me an emergency access to our azure account so i cant be locked out, make it secured but no MFA, and also notify me every time this account logged in" 5 seconds later... AI: done, i have texted you the account details, anything else?