Hi,

We just realised that when we launch an app using elevated credentials the device is contacting our ADSS server.  If the server is not reachable (no network connection for example) we're not able to get password the prompt and instead get a message saying the server is not reachable.

We've not enabled any policies in ADSS to require MFA on endpoints yet but I see that if I check the advanced machine MFA settings it's ticked to enable MFA for UAC:

Is there a way to disable this?  We're not in a position yet to enable MFA for machine login.

Thanks

James