Support MFA in active directory sync tool
It would be nice if you didn't have to disable MFA on the account the AD sync tool uses. The tool should be updated to accept MFA during setup and then be handled appropriately to avoid needing to re-authenticate during normal use.
XG Fan commented
ip-based access control for the sync user would also be an improvement over no mfa, no access control.
Definitely not great that I have to create a separate admin account without MFA just to utilize AD sync.
Shane Burke commented
I agree, it forces us to set "Select admins who will need MFA. (All others sign in with password only.)" and to trust all admins will add each new account to this list when setting up any new accounts.
Wil Burns commented
and SVGM deployment. I would up vote this 1000x if I could.
This way you could still use the All Admins Need MFA setting rather than having to remember to manually add admins to the MFA required list.