Dec 05 2018 08:43 AM - edited Dec 05 2018 12:01 PM
If you go to the New SharePoint Admin center, on the Access Control page you can Block apps that don't use modern authentication. This page presents you with a toggle button and a label that says "Block access from apps that don't use modern authentication". If you toggle the button to "On" you would expect blocking to actually be on.
However, if you go to the Classic SharePoint Admin center, then the Access Control page there, you will see that this same setting is actually set to "Allow".
This could be a pretty big security risk and should be fixed immediately.
Essentially the New SharePoint Admin Center is telling you that older authentication methods are Blocked, but the Old Admin Center is telling you that it is Allowed. Using PowerShell to verify, you can see that this setting is in fact set to Allow, which means the New SharePoint Admin Center is showing you the wrong state of this setting.
Dec 05 2018 09:11 AM
Yes Kevin I agree with you on the wording which is misleading but I have checked the through PowerShell it functions right.
in this case its blocked but its supposed to be allowing .
Thanks,
Thuyavan
Dec 05 2018 09:22 AM - edited Dec 05 2018 09:27 AM
In the screenshot you provided, with your toggle button set to Off, your tenant should be Allowing not Blocking. Your statement that "in this case its blocked but its supposed to be allowing" is proving the case that this toggle button is not correctly setting the LegacyAuthProtocolsEnabled property.
With the current wording of its label, turning this toggle button to "On" should Block older authentication types and set the LegacyAuthProtocolsEnabled property to False (blocked), but it is not doing this, it is incorrectly setting it to True (allowed). I have verified with PowerShell multiple times as well.
Microsoft needs to either change the wording of the label for this button, or correct how it is functioning.
Dec 05 2018 09:43 AM
Yes Kavin, I have raised the ticket and see if I could log this as know issues under SharePoint Admin center.
Hope this helps.
Thuyavan
Dec 05 2018 11:42 AM
SolutionDec 06 2018 09:49 AM
Dec 12 2018 07:39 PM
This issue appears to have been resolved around December 12, 2018. They have removed the toggle button and replaced it with radio buttons for Allow and Block, keeping it similar to the old admin center and functioning as expected now.
Dec 05 2018 11:42 AM
Solution