Forum Discussion
Random MFA prompts from Universal Store Native Client
Steve Hernou I have the same problem. I provided log sample to the MS Australia security lead today hoping with an insider we can get answers. In my case we block the UK in Conditional Access which is where all this traffic is originating from so we are safe but it's a frigging nuisance with all the MCAS alerts coming through.
So far no news to report here. Haven't received feedback yet from conditional access product manager but I relaunched this morning.
Please share should you receive something useful from your side of the globe 🙂
Michael McLaughlinMicrosoft
Folks, I'm pulling in some of my colleagues from the conditional access team and we're looking at the situation. We'll share any results we find. Steve's summary above is accurate--in the examples we've looked at, CA is triggering MFA as the policies define.
I want to chime in on this thread, as we are seeing the same behavior. (Unfortunately, our MFA configuration is not CA-based, as we have not altered it from turning it up almost 2 years ago and "forcing" MFA for everything.)
The good part, as others mentioned, is that users are reporting an unknown authentication attempt as fraud. The bad news is the user has no idea what is triggering it, and the logs point to the Universal Store Native Client.I look forward to possible solutions.
