Contractor account creation and MFA

Beyond Trust Contractor account creation

Create an Office 365 mailbox in the on prem exchange server (https://mail.nucor.com)
1. Create the account with the display as: First Last (SPS-CON)
2. Create login as sps.bky.firstname.lastinitial example: sps.bky.chris.o
3. Place the account in SPS > BKY > Users > Contractors
4. Set the email as domain as @nucor.com
After the account has replicated to Active Directory add to the following groups:
1. SPS.BKY.SA.PRA.Contractors
2. RZ-Opus-FlatProduct
Once added to the groups a sync will take place over night adding the newly created account to the proper Azure groups. To start the process of setting up MFA follow these steps:
1. Login to https://portal.azure.com with ADM account
2. Open Privileged Identity Management
  1. Select ‘Groups (Preview)’ link
  2. Search for “PIM AZ.SPBKY.AU All Roles” and select it
  3. Under Eligible assignments page select Activate link on the right hand side of the page.
  4. Enter the reason and select Activate on the bottom and wait for completion
3. Select Home on the top left side of the page
4. Select Azure Active Directory
5. Select Users on the left side of the page
6. Search for the newly created contractor account and select it
7. Select Authentication methods on the left side of the page.
8. Select “+ Add authentication method” and enter the phone number and wait for completion.