Forum Discussion

kevinmckeown8's avatar
kevinmckeown8
Steel Contributor
Dec 05, 2018
Solved

New Admin Center - Block apps that don't use modern authentication - Button is Showing Wrong State

If you go to the New SharePoint Admin center, on the Access Control page you can Block apps that don't use modern authentication. This page presents you with a toggle button and a label that says "Block access from apps that don't use modern authentication". If you toggle the button to "On" you would expect blocking to actually be on.

 

However, if you go to the Classic SharePoint Admin center, then the Access Control page there, you will see that this same setting is actually set to "Allow". 

 

This could be a pretty big security risk and should be fixed immediately. 

 

Essentially the New SharePoint Admin Center is telling you that older authentication methods are Blocked, but the Old Admin Center is telling you that it is Allowed. Using PowerShell to verify, you can see that this setting is in fact set to Allow, which means the New SharePoint Admin Center is showing you the wrong state of this setting.

admin
SharePoint Online
  • jcgonzalezmartin's avatar
    jcgonzalezmartin
    Dec 05, 2018
    FYI, I have reported this internally to the team that is working on the new Admin Center

6 Replies

Sort By
  • kevinmckeown8's avatar
    kevinmckeown8
    Steel Contributor
    Dec 13, 2018

    This issue appears to have been resolved around December 12, 2018. They have removed the toggle button and replaced it with radio buttons for Allow and Block, keeping it similar to the old admin center and functioning as expected now.

  • Thuyavan Ganesan's avatar
    Thuyavan Ganesan
    Steel Contributor
    Dec 05, 2018

    Yes Kevin I agree with you on the wording which is misleading but  I have checked the through PowerShell it functions right.

     

    in this case its blocked  but its supposed to be allowing .

    Thanks,

    Thuyavan

     

    • kevinmckeown8's avatar
      kevinmckeown8
      Steel Contributor
      Dec 05, 2018

      In the screenshot you provided, with your toggle button set to Off, your tenant should be Allowing not Blocking. Your statement that "in this case its blocked  but its supposed to be allowing" is proving the case that this toggle button is not correctly setting the LegacyAuthProtocolsEnabled property.

       

      With the current wording of its label, turning this toggle button to "On" should Block older authentication types and set the LegacyAuthProtocolsEnabled property to False (blocked), but it is not doing this, it is incorrectly setting it to True (allowed). I have verified with PowerShell multiple times as well.

       

      Microsoft needs to either change the wording of the label for this button, or correct how it is functioning.

      • Thuyavan Ganesan's avatar
        Thuyavan Ganesan
        Steel Contributor
        Dec 05, 2018

        Yes Kavin, I have raised the ticket and see if I could log this as know issues under SharePoint Admin center.

         

        Hope this helps.

        Thuyavan

         

Resources