Specify AD Users that Require Multi-Factor Authentication
Specify the Active Directory users in classic zones or Auto Zones that require multi-factor authentication to log on or use privileged commands.
If you enable this policy, you can specify users by name in the following formats:
sAMAccountNamesAMAccountName@domainuserPrincipalName@domaindomain/container/cnCN=commonName,...,DC=domain_component,DC=domain_component- An asterisk (*), which includes all Active Directory users
By default, no users are required to authenticate using multi-factor authentication.
On computers running Server Suite Express agents, you must set this policy using the configuration parameter. Group policies are not supported for Express agents.
This group policy modifies the adclient.legacyzone.mfa.required.users configuration parameter in the agent configuration file.
