Unable to login without MFA in azure

Neeraj Chimwal 11 Reputation points
2023-01-10T13:23:45.08+00:00

Hi, I have one invited guest user in Azure AD. Now I want to login to SQL using SSMS. But the problem is it says that microsoft has enables security defaults, because of which it is forcing me to install authenticator app in my mobile.

277924-untitled.png

When I checked in Azure AD properties, the security defaults option was disabled. I want to use SMS OTP method to login to my SQL server which I can't find anywhere.

277961-untitled.png

On the other hand, I have one internal user that I created, with which I can login to my SQL server using OTP method. Can anyone please let me know what can I do disable this forced MFA by microsoft? Please let me know if you need any more details

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
7,789 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,969 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Amit Singh 5,071 Reputation points
    2023-01-11T08:29:45.37+00:00

    When you require your account to re-register for MFA and you can't log in to the Portal, you can try navigating to aka.ms/mfasetup to update your authentication method/phone number. Additionally, if you have the correct permissions, you can use the below script to require your User to re-register for MFA.

    1.  Connect-MsolService -AzureEnvironment AzureCloud
    2.  $User = Get-MSolUser -UserPrincipalName "user@company.onmicrosoft.com"
    3.  $ User.StrongAuthenticationMethods
    4.  Reset-MsolStrongAuthenticationMethodByUpn -UserPrincipalName "user@company.onmicrosoft.com"

    For more info - https://docs.microsoft.com/answers/answers/70361/view.html

    If none of the above steps work to reset your account, you'll have to reach out to one of your Authentication Admins or Global Admins within your organization to reset your MFA settings.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.