Disabling MFA for CoreView service accounts

Disabling Multi-Factor Authentication (MFA) is essential for running CoreView properly with service accounts. However, to maintain tenant security, you must use Conditional Access to block connections outside of our data center.

Step 1: access all users in Entra admin center

Log in to the Microsoft Entra 365 admin center. In the navigation menu, select “Users” > “All users”.

Step 2: open Per-user MFA controls

From the top menu, select the “…” and then “Per-user MFA.” 

You will be redirected to the “Per-user multifactor authentication” page listing all users. At the top of the list, you will see buttons to enable, disable, and enforce MFA.

Step 3: select and update service accounts

Search for CoreView service accounts and select them. Disable MFA for the CoreView service accounts by clicking the “Disable MFA” button at the top of the list. If they already have the “Disabled” status, no changes are needed.

Note: the number of service accounts depends on your tenant size.

Step 4: Confirm and apply changes

A popup window will open, asking you to confirm your choice. Confirm to proceed.

Important note about multi-factor authentication

If you have implemented Multi-Factor Authentication (MFA) for accessing your Microsoft 365 cloud services, please create a conditional access policy that prevents your on-premises Hybrid Connector IP address from prompting for second-factor authentication for one of the CoreView service accounts.

Without this exception policy, your CoreView tenant will not be able to open any management sessions.

Note: your Hybrid Connector IP may be behind a NAT applied by your network gateway when connecting to public networks such as the Internet. We recommend checking with your network specialist to identify the public IP address used by your on-premises system when connecting to public networks.

For further details about conditional access exception policy, refer to the Official Microsoft documentation.