ADSSP Admin portal missing logs for MFA Backup Codes generated by Admins
The ADSSP portal Build 6100 provides Admins to generated MFA Backup Codes for end-users but does not have any logs recorded which could help trace back to which Admins have generated this code for an end-user account
This is very bizarre and not sure what ADSSP had in mind when they introduced this feature but left out the logs for it.
An Admin can generate this code and by using this code can break into any end-users account by changing their password and there would be no log in the ADSSP admin portal indicating which Admin generated this code. Thus enabling the culprit Admins to be untracable here.
New to ADSelfService Plus?