Hello,

I am assessing my company’s Azure AD conditional access. It was setup by somebody else before me and there’s no documentation. Long story short- Our normal users(without any admin access) have complained that they have to sign back in to their azure portal/D365 on browsers very often. When I look at the CA policies for session control- I see that there is one policy that requires MFA for all users and also have sing in frequency as 14 days. Also, there’s another policy for privileged users enforcing MFA where sign in frequency is set as 1 day and persistent browser session is set as ‘Never’. If I understand this correctly, our normal user should only have to sign in again in their browser every 14 days but why is it that they have to authenticate themselves multiple times a day.

Any advice would be appreciated.

​Hello, I am assessing my company’s Azure AD conditional access. It was setup by somebody else before me and there’s no documentation. Long story short- Our normal users(without any admin access) have complained that they have to sign back in to their azure portal/D365 on browsers very often. When I look at the CA policies for session control- I see that there is one policy that requires MFA for all users and also have sing in frequency as 14 days. Also, there’s another policy for privileged users enforcing MFA where sign in frequency is set as 1 day and persistent browser session is set as ‘Never’. If I understand this correctly, our normal user should only have to sign in again in their browser every 14 days but why is it that they have to authenticate themselves multiple times a day. Any advice would be appreciated.    Read More

​