Azure-docs: Security deafults + new tenant

@MartinFuhrmann
Thanks for your feedback! We will investigate and update as appropriate.

Hi @MartinFuhrmann , it should not be excluded unless there is a tenant policy or user policy overwriting the setting, or unless the account is excluded for another reason (for instance, being the AD Connect Synchronization account). Can you please check your conditional access policies to make sure that there's nothing interfering with the setting?

Since it's hard to diagnose this issue without knowing all of your environment settings, please send an email to me at [email protected] and include your subscription ID, and I will open a free support case for you. Please include screenshots of your configuration if you can.

I'm closing this out as it needs to move to a support case.

It was a new tenant, nothing else like CA was configured. i just switched on the security defaults and afterwards i logged into the tenant using admin credentials. I wasn't asked for MFA. So ... my question is: does it take a certain amount of time till it works?

It appears it does take some time after the creation of the tenant. I have also recently started testing this. I created a new tenant to verify Security Defaults would be enabled by default, it was. However, like you, I was not prompted for MFA registration with any accounts, whether they were in admin roles or not. I created the tenant about two weeks ago, haven't touched it since until today and everything has kicked in and users are prompted to register. I even tested creating a new user and it was prompted upon first login.

Now what the time frame is I'm not sure, but it's somewhere between 1 hour and ~2 weeks after creation, haha.

Hi @majorwitteman,
thank you for testing sd and the confirmation that it takes a little while till it "kicks in". 👍
Best
Martin