I just setup Azure AD Conditional Access and added the Duo as a custom control. It’s “working” essentially with one major issue. When I try to log into OWA I get prompted to enroll. My account is already enrolled because we use Duo for our OpenVPN solution. If I try to enroll again, it tells me my phone number cannot be added (see picture). Is there something I need to flag to let it pass already enrolled users through? I can’t seem to figure it out so I thought I would ask here. Any help appreciated, thanks!