Cannot configure multi-factor authentication methods because the organization requires this information to be set from specific locations or devices.

Dmitrii Razbornov 21 Reputation points
2022-07-29T20:45:40.173+00:00

I created a policy from the template, and changed only a group in the settings, instead of All users put a custom group mfa required to register.

Now, whether the user is a group member and outside of a trusted location, the policy cannot register MFA for him at all. Why so, it contradicts the settings.
Correct me if I'm reading wrong these settings: if the user is a part of the group and he is accessing O365 service from anywhere except trusted locations (which we configured with our public IPs), then he is required to register MFA.

Any thoughts on this?

226353-image.png

The error I get:

Sign-in error code53010 Failure reason Cannot configure multi-factor authentication methods because the organization requires this information to be set from specific locations or devices.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,279 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Cristian SPIRIDON 4,476 Reputation points
    2022-07-30T04:49:13.863+00:00

    Hi @Dmitrii Razbornov ,

    From my understanding, the policy from above is not controlling the access to Office 365 services but is controlling the way you register for MFA.

    At the 'Cloud apps or action' section you need to select cloud apps not user action - register for security information.

    Hope this helps!

    1 person found this answer helpful.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.