Issue Summary
When configuring or running migration tasks using the Microsoft 365 connectors, you may encounter the following error during authentication:
Error Message:
“Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication.”
Additionally, a similar error may appear:
Error Message:
“Due to a configuration change made by your administrator, or because you moved to a new location, you must enroll in multi-factor authentication to access ‘<TargetTenantID>’.”
These errors typically arise from misconfigured migration accounts, particularly in scenarios involving both Source and Target connectors.
Resolution Steps:
To resolve the issue, please review and ensure the following for both the Source and Target migration accounts used in the connectors:
-
Verify that MFA is Disabled:
-
Ensure that Multi-Factor Authentication (MFA) is turned off for the migration accounts.
-
-
Exclusion from Conditional Access Policies:
-
Confirm that the migration account is not part of any Conditional Access Policies that enforce MFA or block access based on location or network configurations.
-
-
Confirm Administrative Permissions:
-
Verify that the migration accounts have the appropriate administrative permissions for SharePoint or Global Admin rights. Without these permissions, the migration process may be hindered.
-
-
Test Migration Accounts Login:
-
After performing the above steps, try logging into the Microsoft 365 Admin Center using the migration account(s): https://admin.microsoft.com. Observe whether any errors occur during the sign-in process. If MFA-related errors still occur, ensure that the account settings and permissions are properly configured.
-