Forum Discussion

JMSHW0420's avatar
JMSHW0420
Iron Contributor
Jul 10, 2023

Error with accessing Microsoft 365 Defender Data Connector...

Hello to all,   Just tried to access the Microsoft 365 Defender data connector on a client instance and received the following error message...     Has anyone come across this and even res...
monitoring
Solutions
Julian's avatar
Julian
Brass Contributor
Are you using classic conditional access policies? Replace them with new policies and try disabling the old ones 🙂
JMSHW0420's avatar
JMSHW0420
Iron Contributor
Jul 11, 2023
Thanks for the reply Julian.

The actual error: AADSTS50131 (Device is not in required device state)

I think I have seen this error relating to classic CA policy definitions that were created when Intune is or was connected to the Defender portal...
  • gem0011's avatar
    gem0011
    Copper Contributor
    Aug 23, 2023

    JMSHW0420 
    I wanted to follow up on this issue. Were you able to resolve it? If so, could you provide some guidance or steps to remedy the issue? 

    • Hey_man's avatar
      Hey_man
      Copper Contributor
      Aug 25, 2023

      gem0011There is no Sentinel Apps in the Conditional Access. Thus, the only way is disable MFA in the account which you used for configure the Sentinel. Then configure the Microsoft 365 Defender Data Connector. Once configuration was completed, restore the MFA settings in the account.

    • JMSHW0420's avatar
      JMSHW0420
      Iron Contributor
      Aug 28, 2023
      Hello gem0011,

      I was able to resolve the matter (for me) by adjusting the classic CA policy and applying an exclusion group...

      You check this by:
      • Log in to Azure Portal
      • Search for or click on 'Azure AD Conditional Access'
      • Click on Manage > Classic Policies
      • See under 'Policy Name' if [Windows Defender ATP] Device policy) is listed
      • Click on the policy and create an exclusion group...

Resources