How to Enable Multi Factor Authentication for Operators and Admins who Access the CoreView Portal (New UX)
Modified on Wed, 06 Jul 2022 at 02:45 AM
Categories
-
What's New
-
Release Information
- CoreView Release Notes May 2023
- CoreView Release Notes April 2023
- CoreView Release Notes March 2023
- CoreView Release Notes February 2023
- CoreView Release Notes January 2023
- CoreView December 2022 Release Notes
- CoreView November 2022 Release Notes
- CoreView October 2022 Release Notes
- September 2022 Release Notes
- August 2022 Release Notes
- Release 22.06 Key Features
- Release 22.05 Key Features
- Release 22.04 Key Features
- Release 22.03 Key Features
- Release 22.01 Key Features
- Release 21.12 Key Features
- Release 21.11 Key Features
- Release 21.10 Key Features
- Release 21.09 Key Features
- Release 21.08 Key Features
- Release 21.07 Key Features
- Release 21.05 Key Features
- Release 21.04 Key Features
- Release 21.03 Key Features
- Release 21.02 Key Features
- Release 21.01 Key Features
- Release 20.12 Key Features
- Release 20.11 Key Features
- Release 20.10 Key Features
- Release 20.09 Key Features
-
Release Information
- Getting Started with Customer Care
-
Getting Started with CoreView
-
Configuring
- Configuration Overview (New UX)
- Configuration Overview
- Creating CoreView Tenant Administrators (New UX)
- Creating CoreView Tenant Administrators
- CoreView Operator Uses Cases & Dependencies
- Creating a License Pool
- Understanding Virtual Tenants
- Frequently Asked Configuration Questions
- "Send As" DNS Requirements for CoreAdoption Campaigns (Optional)
- How to enforce MFA on CoreView service accounts
- Creating a License Pool
-
A Quick Tour of CoreView
- A Quick Tour of the CoreView Interface
- Introducing the CoreView New User Experience
- CoreView New UX FAQ
- CoreView Dashboards
- Using CoreView Reports
- How to use CoreView Management Actions (New UX)
- How to use CoreView Management Actions
- Understanding CoreView Releases
- Creating your first Workflow - A Practical Exercise
- Introducing the new site for Partner customer management
-
Configuring
-
How to
-
Exchange Online
- How to check and analyze the Message Trace
- How To Configure Email Forwarding
- How to convert a Shared Mailbox to a User Mailbox
- How to convert a user mailbox to a shared mailbox in Exchange Online
- How to Create Microsoft 365 Groups for Improved Collaboration
- How To Create Shared Mailbox
- How To Create User Mailbox
- How To Grant Access To Mailbox
- How to List all the Mailboxes a User has access to in Microsoft 36
- How to remove delegates from Mailbox
- How to remove user access to Mailbox
- How to review and manage Exchange online mailbox permissions
- How to verify if a user has updated the Password
- Read Permission for Mailbox
- What are security groups and How to create it
- What is a Distribution Group and How to create it
-
Exchange Online
- Custom Actions Library
- Getting Started with CoreHybrid
-
Knowledge Resources
-
Understanding CoreView - Quick Start Guides.
- CoreView Quick Start Guide Overview and Index - Tenant Admins
- CoreView Quick Start Guide Overview and Index - Operators
- Understanding CoreView Tenant Configuration – Management
- Understanding the CoreView Operator Profile
- Understanding CoreView Operator Roles
- Understanding CoreView Operator Delegation
- Understanding CoreView - Report Column Filtering
- Understanding CoreView - The User Interface
- Understanding CoreView Tenant Configuration - V-Tenant User Filters
- Understanding CoreAdoption – Templates and Campaigns
- Understanding CoreLearning - Content Hierarchy
- Understanding CoreView Tenant Configuration - Portal Information
- Understanding CoreView Tenant Configuration - CoreLearning
- Understanding CoreView Tenant Configuration Options
-
Troubleshooting Common Issues
- Unable to see OneDrive, SharePoint and Exchange Data (New UX)
- Unable to see OneDrive, SharePoint and Exchange Data
- Remote Office 365 PowerShell session can Conflict CoreView Management Actions
- Why I cannot save the changes on existing License pool?
- Error when attempting to perform a Management Action (New UX)
- Error when attempting to perform a Management Action
- Unable to modify the Assigned Licenses in my License Pool Report
- Enabling Permission for Endpoint Manager Actions (New UX)
- Enabling Permission for Endpoint Manager Actions
- How to enable permission for BitLocker keys report (New UX)
- How to enable permission for BitLocker keys report
-
Tenant Administration
- How to recreate Admins Read-only (New UX)
- How to recreate Admins Read-only
- How to add an operator to the portal?
- How to enable and configure CoreView management session (New UX)
- How to enable and configure CoreView management session Current UX
- How to provide a consent to activate Azure AD Reports Feature and activate Partial Import?
- Tips & Tricks: Leverage Pivot Reports to Prototype License Pool Criteria Filter
- Tips & Tricks - How to manage email notifications for newly added Operators.
- Disable MFA from Read Only Service Accounts
- How To: Report on "Consumed Portal Licenses" (New UX)
- How To: Report on "Consumed Portal Licenses"
- How to Configure Allowed IP Addresses for CoreView Service Accounts
- Tips & Tricks: How to merge License Pools
- How to Use CoreView's Global Report Filters
- How to use the What If tool to check Azure AD conditional access policies
- How to Configure Allowed IP Addresses for CoreView Service Accounts
- How to Archive a Teams Group
- How to Restore a Teams Group
- On-demand Import for a Single Device in Endpoint Manager (Intune)
- Custom Actions using the Microsoft Graph API
- How to set up your tenant for the switch to Microsoft Graph API
- GraphAPI configuration: How to get Client ID and Client Secret
-
Reporting and Analytics
- How do I Check and Manage Calendar Permissions for a User? (newUX)
- How CoreView can help you with your Microsoft 365 Chargeback Goals.
- New UX: Understanding the new License Centers
- Understanding the Savings Opportunities Dashboard
- Understanding the License Optimization center
- Understanding License Pool Snapshots report
- Understanding Call quality dashboard
- Understanding Call quality report
- Understanding User call quality report
- Understanding Teams groups activity report
- Understanding Teams Adoption Growth Report
- Understanding Endpoint Manager reports
- Understanding Teams dashboard
- Understanding Risky Users report
- Understanding KPI dashboard
- Understanding Storage Dashboard
- Troubleshoot Active Users (License Usage) data
- Legacy Protocol Management
- Report Columns: Is active 30/60/90
- Quarantined Messages Report - Understanding The Reports
-
Managing and Administration
- Teams Voice: Direct Routing Support
- How to enable management function?
- CoreView Playbooks Overview
- CoreView Playbook Policy Overview
- Forward SMTP Address vs Forward Address management actions
- How to add the users in bulk while executing Users management actions?
- How to Create & Manage Custom Actions (New UX)
- How to Create & Manage Custom Actions
- How to schedule a report to be sent automatically, and how to modify its scheduling options?
- How to schedule an alert report for the License Count
- Tips & Tricks – How to read and modify license pool report?
- Overview of CoreView Workflow
- How to delegate Workflow management using roles
- How to configure CoreView and ServiceNow integration
- How to Enable Multi Factor Authentication for Operators and Admins who Access the CoreView Portal (New UX)
- How to Enable Multi Factor Authentication for Operators and Admins who Access the CoreView Portal
- How Can I Migrate from Group-Based Licenses to Direct Licenses Managed by CoreView?
- Naming convention rules
- Custom Actions: Forbidden and Warning Values
- How to add users to Distribution Group in bulk using via CSV
- Not able to manage licenses error (New UX)
- Not able to manage licenses error
- Using custom action json output as an input in the workflow
- Setting the Sensitivity Label on SharePoint as a Mandatory Field
- DistinguishedName vs OnPremisesDistinguishedName
-
Customer Engineering Workshop
- Migrating from Azure Group Based Licensing to CoreView
- Customer Engineering Workshop - Teams Voice
- Customer Engineering Workshop - Playbooks – policy, perfected
- New UX Workshop - General Overview Session 2
- New UX Workshop - General Overview Session 1
- What’s new in License reporting – the new user interface and the License Center
- CoreView and ServiceNow – Integrating Workflows with ServiceNow
- Advanced Workflows & Custom Actions
- Customer Engineering Workshop: Reports, Dashboards, and Alerts
- Limiting M365 Admin Access with Permission Roles, V-tenants, and License Pools
- Customer Engineering Workshop Global - Group Licensing with CoreView
- Customer Engineering Workshop Global - Filters and Custom Actions
-
Understanding CoreView - Quick Start Guides.
- Internal Customer Care Resources
- Service Issues
-
CoreView Product Manual
-
Analyze
- Dashboards
- KPI Dashboard
- Operational Reports
- License Reports
- User Reports
- Mail Traffic Reports
- Exchange Reports
- Skype for Business Reports
- Teams Reports
- Group Reports
- Device Reports
- Endpoint Manager Reports
- Security reports
- SharePoint Reports
- Aggregation Reports
- OneDrive Reports
- Yammer Reports
- Report Actions
-
Analyze
- Getting Started with CoreLearning
- Getting Started with CoreScan
- Getting Started with CoreTag
- Getting Started with CoreSaaS
- Learning Platform
- Playbooks
This article covers what multifactor authentication is and how to configure a conditional access multifactor authentication policy for operators and administrators who access CoreView.
Multifactor Authentication (MFA) Overview
Multifactor Authentication (MFA) is when a user is prompted for additional forms of identification during a sign-in event. This prompt could be to enter a code on their cellphone or provide a fingerprint scan. When you require a second form of authentication, security is increased as this additional factor isn't easy for an attacker to obtain or duplicate.
The following guide will teach you how to setup the basic Conditional Access MFA Policy for Operators and Admin accessing your CoreView Portal.
To implement MFA, a working Azure AD tenant with at least an Azure AD Premium P1 or trial license enabled is needed for each account to be assigned to an MFA policy. If needed, add some trial licenses for free.
Note: Remember to create your CoreView Operator’s Accounts selecting the flag “Use organization account” in order to enable the single sign on feature available between your Azure Ad environment and CoreView portal. This feature allows you to leverage any security setting you applied in your Azure AD environment.
The recommended way to enable and use Azure AD Multi-Factor Authentication is with Conditional Access policies. Conditional Access lets you create and define policies that react to sign-in events and request additional actions before a user is granted access to an application or service.
Conditional Access policies can be granular and specific to empower users to be productive wherever and whenever and protect your organization.
This guide will create a basic Conditional Access policy to prompt for MFA when a user signs in to the CoreView portal.
However, please consider that you can assign different criteria to your conditional access policies, such as a risk-based Conditional Access policy. For more details about this topic, please review the reference section of this document.
First, create a Conditional Access policy and assign your security group of users as follows:
- Sign in to the Azure portal using an account with global administrator permissions.
- Search for and select Azure Active Directory, then choose Security from the menu on the left-hand side.
- Select Conditional Access, then choose + New policy.
- Enter a name for the policy (in the screenshot below, we have used “Test MFA”)
- Under Assignments, choose Users and groups, then the Select users and groups radio button.
- Check the box for Users and groups, then Select to browse the available Azure AD users and groups.
- Browse for and select your Azure AD group, such as CoreView MFA Enabled, then choose Select.
Note: The group CoreView MFA Enabled has been created before, and a pilot user account has been assigned to this group. All the users who belong to the configured group will be prompted for multi-factor authentication when they log in CoreView portal.
To apply the Conditional Access policy for the group, select Done.
With the Conditional Access policy created and a test group of users assigned, now define the cloud apps or actions that trigger the policy.
These cloud apps or actions are the scenarios you decide to require additional processing, such as to prompt for MFA.
So, to configure the Conditional Access policy to require MFA when a user signs in to the CoreView portal, please complete the following steps:
- Select Cloud apps or actions; on the Include page, choose the Select apps radio button.
- Choose Select, then browse the list of available sign-in events that can be used and choose CoreView Portal, so the policy applies to sign-in events to the CoreView portal as shown in the below picture:
- To select the apps, choose Select, then Done.
- Under Access controls, choose Grant, then make sure the Grant access radio button is selected.
- Check the box for Require multi-factor authentication, then choose Select.
Conditional Access policies can be set to Report-only if you want to see how the configuration would impact users or Off if you don't want to use the policy right now.
As a test group of users was targeted for this guide, let's enable the policy and then test CoreView log in Multi-Factor Authentication. You will:
- Set the Enable policy toggle to On.
- Select Create to apply the Conditional Access policy.
Microsoft Documentation References
Setup Multifactor Authentication:
Multifactor Authentication for Microsoft 365: