Error with accessing Microsoft 365 Defender Data Connector...

Brass Contributor

Hello to all,

 

Just tried to access the Microsoft 365 Defender data connector on a client instance and received the following error message...

 

JMSHW0420_0-1688986627590.png

 

Has anyone come across this and even resolved it?

 

5 Replies
Are you using classic conditional access policies? Replace them with new policies and try disabling the old ones 🙂
Thanks for the reply @Julian.

The actual error: AADSTS50131 (Device is not in required device state)

I think I have seen this error relating to classic CA policy definitions that were created when Intune is or was connected to the Defender portal...

@JMSHW0420 
I wanted to follow up on this issue. Were you able to resolve it? If so, could you provide some guidance or steps to remedy the issue? 

@gem0011There is no Sentinel Apps in the Conditional Access. Thus, the only way is disable MFA in the account which you used for configure the Sentinel. Then configure the Microsoft 365 Defender Data Connector. Once configuration was completed, restore the MFA settings in the account.

Hello @gem0011,

I was able to resolve the matter (for me) by adjusting the classic CA policy and applying an exclusion group...

You check this by:
• Log in to Azure Portal
• Search for or click on 'Azure AD Conditional Access'
• Click on Manage > Classic Policies
• See under 'Policy Name' if [Windows Defender ATP] Device policy) is listed
• Click on the policy and create an exclusion group...