without prejudice

My feedback

  1. 906 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    without prejudice commented  · 

    Assigning a Helpdesk staff member "Authenication administrator" and "User Administrator" rights in Azure Active Directory admin center does not allow the Helpdesk staff member to Enable or Disable MFA.

    It does appear to allow the Helpdesk staff member to "Require re-register MFA" and "Revoke MFA Sessions" and change "Authentication Contact Info" in Azure which is helpful once the user is setup.

    This still means however that a Global Admin has to get involved in the creation of every new user to enable MFA or the Global Admin role needs to be given to Helpdesk which is extremely undesirable.

    Please could you raise the priority on this request?

Feedback and Knowledge Base