M365 as a data source with MFA
-
Hello,
I have successfully set up MS365 as a data source. The login of the users in SecurityGateway works correctly with the access data from MS365.
If I now activate the MFA in MS365 for a user, the login to SecurityGateway is no longer possible for this user. For all users without MFA in MS365, the login still works,
Is it possible that the connection with MS365 and SecurityGateway no longer works if MFA is activated in MS365?
Best Regards
OliverI am using v10.0.3 of SecurityGateway
-
Arron Staff
When MFA is enabled in MS365, SecurityGateway is no longer able to authenticate the user using the MS 365 user verification source, however, user verification during SMTP sessions is still successful.
"On October 15, 2024, Microsoft will require all Microsoft 365 tenants to use multi-factor authentication (MFA). This change will prevent SecurityGateway users from authenticating through a Microsoft 365 user verification source. As a result, affected users will no longer be able to log in to the SecurityGateway website or send mail directly to SecurityGateway via an authenticated SMTP session using their Microsoft 365 credentials. However, if a local password has been configured for the account in SecurityGateway, affected users will still be able to authenticate using the locally stored password.
User verification during SMTP sessions will continue to function correctly.
If you need users to maintain the ability to authenticate, we recommend following Microsoft's instructions to postpone the enforcement date until April 15, 2025.The SecurityGateway development team is actively working on improvements to better support these changes from Microsoft, and we will make them available to the public as soon as they are ready."
-
@Arron Thanks for the quick reply.