• There is ONE MORE place where you need to look – Azure AD Identity Protection. There is a company-wide MFA setting there that will force your users to go through MFA.
    Azure AD > Security > Identity Protection > MFA Registration Policy

  • >