Share via

Unable to remove legacy SSPR authentication methods

Konstantin 0 Reputation points
2023-03-10T10:13:13.9266667+00:00

Screenshot 2023-03-10 at 10.59.42

Dear community,

in order to complete the migration to the new authentication methods, one must remove all legacy methods, available at the shown location.

Unfortunately reading the current values fails with the above message, so I'm not able to complete the migration, which also fails with a message: "Couldn't save new migration state: you cannot move to migration complete until disabling all methods in the legacy SSPR policy." In order to disable all methods in the old legacy SSPR policy I need access to the displayed location on the screenshot.

So I'm sticking at this point and don't know how to continue. Any help is highly welcome.

Thank you in advance.

Kind regards,

K.Z.

Microsoft Security | Microsoft Entra | Microsoft Entra ID
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JimmySalian-2011 44,721 Reputation points
    2023-03-10T11:50:33.6866667+00:00

    Hi,

    403 Error seems like a RBAC role issue, do you have full access or delegated access to the Azure Tenant to make changes? Check with the tenant admin to provide access so you can make changes to this policy.

    Also with regards to Password policy check if you have combined registration option enabled on the tenant - https://learn.microsoft.com/en-gb/azure/active-directory/authentication/concept-registration-mfa-sspr-combined

    Hope this helps.

    JS

    ==

    Please Accept the answer if the information helped you. This will help us and others in the community as well.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.