We currently have mfa running in our 365 tenant but we’re looking to migrate to Duo. I have successfully rolled out our RDP mfa with Duo and also have my on premise Access Gateway up and running. When I federate my domain, will that break the current mfa setup or does it only break when the user becomes federated? I’m asking because I would like to roll this out a few users at a time rather than an entire tenant.
Reading the 365 Documentation it makes me think the switch happens when the domain becomes federated.
Once you federate a custom domain your Microsoft Online tenant with Duo Access Gateway, all Microsoft 365 applications will redirect those federated users to Duo Access Gateway when they sign in, while cloud-only (non-federated) users continue to log in using the Microsoft online sign-in form.
We use locally installed versions of Outlook and Teams in my environment. Since both of those applications use 365 to authenticate, will the Duo mfa be added to that login?