This guide will show an administrator how to view MFA registration activities that users have initiated.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Compliance
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
- Navigate to the User Registration Details – Azure Active Directory portal, here you will find information on the MFA methods that the associated users have currently registered, if the listed user accounts are capable of registering for one of the MFA methods, and detect any discrepancies in MFA enforcement for desired user accounts. From this page you can see the UPN (name@domainname) and Name associated with the user that has completed registration, if the has the proper licensure or capabilities to register MFA (authenticator app), Passwordless (Windows Hello for Business), or SSPR (the methods specified within the Password Reset section of AAD, this also includes information that could indicate if the user was a member of the defined SSPR policy enforcement scope). This section will also include a list of all Methods registered by the user account as well as the Last Updated Time this information had been gathered by Microsoft reporting (this metric does not indicate when the user initially registered this authentication method). Filtering can be adjusted if you know specific information related to the event you are trying to explore.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.