How to tell if my legacy user account is fully MFA updated

Question

Howdy All,

First, sorry if my question is silly or confusing but I'm having a difficult time telling if all my legacy Azure profile settings were properly updated. I am attempting to read up and fix it myself, but I worry that there may be components out of my accessibility.

Reason I think I have an issue;

While doing the Kusto Query Language (KQL) Exercises;

1. I can successfully access & query Azure Data Explorer (Per the example)
2. I receive errors when I attempt to access Log Analytics Demo [Error Below]
3. I can access the Resource Graph Explorer but the sample query returns zero results.

Why I think there could be a legacy/conversion issue.

• I did follow the steps to enable the new MFA
• When I activated the MFA Policy Automated Migration
  • It ran and didn't state an error
  • After I ran it, I learned I didn't have a Encarta Account
    • Without one you couldn't create or edit policies
    • After creating the Encarta Acct, I was able to finish enabling MFA
    • Because of that out of order process, I'm worried something else wasn't applied properly in the migration.

As of right now when I attempt to access Log Analytics Demo I get prompted to log in with my Azure Acct or Encarta Acct (Which I hate, shouldn't it be singular? Or were the accts supposed to be linked/nested and that didn't occur?)

If I use my Azure Profile (Which is global Admin) I get the following error (Why did they make the error text unselectable/copyable?!?)

Pop-Up error states;

There was an authentication problem. Try signing out and signing in again Access to workspace 'CH1-LA' from '73.186.209.253' is denied. To allow access from public networks, change the workspace Networking settings or add it to a Network Security Perimeter. (workspace resource ID: /subscriptions/ebb79bc0-aa86-44a7-8111-cabbe0c43993/resourceGroups/ch1-opsrg-pri/providers/microsoft.operationalinsights/workspaces/CH1-LA) If the issue persists, please open a support ticket. Request id: 14e80474-723e-4ffb-833d-a9e263135154

Page error states;

• "You do not have authorization to access this resource. /Demo"
• Session ID 0606bb5314754ddaa953787443ed1f9f
• Resource ID Not available
• Extension Microsoft_OperationsManagementSuite_Workspace
• Content LogsDemo.ReactView
• Error code 403

Summary data;

{"shellProps":

{"sessionId": "d4c9cd2255e749d2bae52e2f40807513","extName": "Microsoft_OperationsManagementSuite_Workspace", "contentName": "LogsDemo.ReactView", "code": 403 }, "error": {"message": "You do not have authorization to access this resource. /Demo", "code": 403 }}

I've logged out and back in with 2 factor auth (text then Authenticator code) and still see these issues. I'm sure the issue is PEBCAK and don't expect folks to walk me through anything. I'm just wondering if that migration didn't work as expected and the automated migration link is now gone of course.

If this is just related to my free Accts settings or linking, or a module's configuration I'd appreciate it a great deal if anyone could just point me towards whatever module it could be and I'll start reading up and learn it proper. I'll be doing that anyways, there are just so many spots I feel like it could be in, and then you 2x that for the 2 profiles. I thought I did resolve all the needed steps and thus far I haven't had issues in any other Azure module.

And I apologize in advance if I'm asking something very basic, etc.. I just don't want to move on in the module unless I can run all the expected functionality. Hopefully, it's just something silly that everyone knows as common knowledge. I was just excited to dig into KQL and had to take a 3 hr Dev-Ops detour. I just don't know if my issue is addressed in the Azure or Encarta Dashboard or under which Profile. I hope it's the Azure one because I don't want to have to recreate all my active resources under the other profile but that doesn't sound right.

Thank whomever in advance,

~ Alex