Implementing Multi-Factor Authentication
Configuring Application Access
Implementing Access for External users
The course is part of this learning path
This course has been designed to teach you how to manage Microsoft 365 access and authentication. The content in this course will help prepare you for the Microsoft 365 Identity and Services exam.
The topics covered within this course include:
- Managing Authentication
- Implementing Multi-Factor Authentication
- Configuring Application Access
- Implementing Access for External Users of Microsoft 365 Workloads
Who should attend this course?
- Those who are preparing for the Microsoft 365 Identity and Services exam
- Those looking to learn more about Microsoft 365
- To learn how to configure and monitor authentication
- To learn how to administer MFA and report on its utilization
- To learn how to configure application registration and use Azure AD Application Proxy
- To learn how to use Azure Active Directory B2B to add and manage external users
To get the most from this course, you should at least be familiar with the Microsoft 365 offering and have a general understanding of its features.
- [Narrator] Some MFA settings, including those settings for app passwords, Trusted IPs, verification options and a few others, are found in Service Settings. You can access Service Settings from the Azure Portal by browsing to Azure Active Directory, and then from there, clicking on MFA. From the Getting Started page that opens up, click on Additional Cloud Based MFA Settings under the Configuration heading to reveal these additional settings. As I mentioned earlier, some applications don't support two-step verification. To use these applications, use the App Passwords feature. To configure app password settings, do so from this screen. As you can see, you can allow users to create app passwords, or you can prevent them from doing so. You can also configure Trusted IPs. What the Trusted IPs feature offers is the ability to bypass two-step verification for users who sign in from the company intranet, for example. However, this feature's only available with the full version of Azure Multi-Factor Authentication, and not the free version for administrators. It's important to note that the MFA Trusted IPs and Conditional Access Named Locations only work with IPv4 addresses. It's also important to note that the Trusted IPs bypass only works from inside the company intranet. In addition to Trusted IPs, you can select the verification methods that you want to be available for end users. We covered these verification methods earlier, so I'm not going to torture you with them again. Just know that this is where you can configure them. The option to remember Multi-Factor Authentication when configured allows users to bypass subsequent verifications for a set number of days after they've successfully signed in to a device via MFA. What this feature provides is a better end user experience. It does so by minimizing the number of times that a user has to perform two-step verification from the same device.
About the Author
Tom is a 25+ year veteran of the IT industry, having worked in environments as large as 40k seats and as small as 50 seats. Throughout the course of a long an interesting career, he has built an in-depth skillset that spans numerous IT disciplines. Tom has designed and architected small, large, and global IT solutions.
In addition to the Cloud Platform and Infrastructure MCSE certification, Tom also carries several other Microsoft certifications. His ability to see things from a strategic perspective allows Tom to architect solutions that closely align with business needs.
In his spare time, Tom enjoys camping, fishing, and playing poker.