Cannot enable Security Defaults as Identity Protection policies are enabled, apparently

eggbean 11 Reputation points
2020-09-24T03:22:59.5+00:00

When I try to enable Security Defaults, it refused to do so and I get this error message:
27919-image.png

It looks like you have Identity Protection policies enabled. Enabling Identity Protection policies prevents you from enabling Security defaults.

After a lot of looking around I finally find this "Identity Protection | MFA registration policy" page where I turn Enforce Policy to Off:
https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/IdentityProtectionMenuBlade/MfaPolicy

But I still cannot enable Security Defaults and I get the same error message.

As far as I understand it, Identity Protection Policies should be unavailable to me anyway, as I am using the free version of Azure AD, whereas I did used to use Azure AD Premium for a short trial period.

How do I enable Security Defaults, as currently I do not even have any form of MFA enabled anymore.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,350 questions
0 comments No comments
{count} votes

3 answers

Sort by: Most helpful
  1. VipulSparsh-MSFT 16,271 Reputation points Microsoft Employee
    2020-09-24T11:22:33.4+00:00

    @eggbean Thanks for reaching out. Please confirm that you do not have any premium licenses like AAD P1 or AAD P2 still in trial mode. To confirm and cancel, you can follow the cancel subscription section in this URL : https://learn.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-delete-howto#delete-a-subscription

    28091-cancel-sub.png

    Once you have done that, the tenant should come back in Free edition mode and you should be able to do it.
    If the tenant is already in Free mode and you have manually cancelled the subscriptions as mentioned in above article, you would need to open a support ticket with Azure AD team for them to further investigate.

    -----------------------------------------------------------------------------------------------------------------

    If the suggested response helped you resolve your issue, please do not forget to accept the response as Answer and "Up-Vote" for the answer that helped you for benefit of the community.

    1 person found this answer helpful.

  2. Dave 1 Reputation point
    2020-11-23T14:11:09.493+00:00

    We are having the exact same issue in our organization. We were on a trial, the trial has been canceled, and now we can no longer enable security defaults. I have reported this issue to Microsoft but they seem to be claiming it is a user error instead of trying to diagnose if it is a problem on their end.

    0 comments No comments

  3. Cheemalakonda, Ram 1 Reputation point
    2022-11-10T21:35:54.117+00:00

    ![259179-image.png][1] [1]: /api/attachments/259179-image.png?platform=QnA Turn off any of these settings and try again. This worked for me.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.