This is a quick article to show you how to configure MFA with a conditional Access policy for Windows365.
Please note that I am using Windows 365 Business and a developer licence from Microsoft.
These high level steps will guide you through the process of setting up MFA and creating a conditional access policy for Windows 365.
- Within the Microsoft 365 portal, Navigate to Users > Active Users > Then select Multifactor Authentication.
2. Enable MFA for the users in question. This can be done by selecting the user and clicking Enable using the quick steps menu on the right hand side of the page.
3. Once complete, Go to Portal.Azure.com. Navigate to Azure Active Directory using the icon or search bar.
4. Then click properties > manage security defaults located at the bottom of the properties page. Then configure to enable Conditional Access.
5. We now select the Security button located on the left menu.
6. Select Conditional Access within the left-hand menu.
7. You will now see Conditional Access page.
8. Click Create New Policy
9. Enter a name for the Conditional Access Policy and set assignments for all users as shown in the screenshot shown below.
10. Under cloud apps or actions > select “cloud apps” under “Select what this policy applies to” and select the app Windows 365.
11. Now we need to set the condition of the policy
12. We will configure client apps and select both “Browser” & “Mobile apps and desktop clients”. This means that the policy will apply for access to Mobile/Browser and desktop clients.
13. We now set the grant access configuration and tick “Require multi-factor authentication” under Grant access.
14. The last section we will configure is Session, to set the controls on user access based sign-in frequency. In this example we set 4 hours however, you can choose what ever you/your organisation decide.
15. Ensure that you set the policy to On.
16. Once you have clicked Create, you will see the Newly created police in the policies section as shown in the screenshot below.
This provides a high level guidance for setting up Multi factor and Conditional access policies for Windows 365.
Any questions, feel free to drop me a line or comment.