Azure MFA/ADFS - one user requiring MFA even when it's disabled

russell@northport 1 Reputation point
2020-06-01T20:40:59.21+00:00

We initially enabled Azure MFA but then disabled it due to issues.

We have one user on our Office 365 account who is still prompted for the “more information required” page when logging in. The ultimate error is “An error occurred. No valid strong authentication method found. Contact your administrator to configure and enable appropriate strong authentication provider.”

MFA is disabled for the user and disabled for the tenant (Enable security defaults is set to No).

The Event log on the ADFS server is Event 364, AD FS –

Encountered error during federation passive request.

Additional Data

Protocol Name:
wsfed

Relying Party:
urn:federation:MicrosoftOnline

Exception details:
Microsoft.IdentityServer.Web.NoValidStrongAuthenticationMethodException: No strong authentication method found for the request from urn:federation:MicrosoftOnline.
at Microsoft.IdentityServer.Web.Authentication.AuthenticationPolicyEvaluator.EvaluatePolicy(Boolean& isLastStage, AuthenticationStage& currentStage, Boolean& strongAuthRequried)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.GetAuthMethodsFromAuthPolicyRules(PassiveProtocolHandler protocolHandler, ProtocolContext protocolContext)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.GetAuthenticationMethods(PassiveProtocolHandler protocolHandler, ProtocolContext protocolContext)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)

The problem user account doesn’t appear to be any different from others that don’t have any issues logging in.

Does anyone have any ideas where I should look to resolve this?

Thanks

Russell


6 answers

  1. Jason 1 Reputation point
    2022-07-06T18:37:37.17+00:00

    This has been open for a year and just helped me so.... my issue/solution was as follows:
    Issue: During MFA configuration/testing, ALL users could not access portal.office.com and were getting the strong authentication required error

    As LarryAlexander-1838 explained the below command returned additional auths but should not have:
    (run PS as admin)
    $ThisRPT="{Your RPT}"
    (Get-AdfsRelyingPartyTrust -Name $ThisRPT).AdditionalAuthenticationRules

    I confirmed via the GUI, I had the right custom access issuance rules and then ran:
    Get-AdfsRelyingPartyTrust $ThisRPT | Set-AdfsRelyingPartyTrust -AdditionalAuthenticationRules $null
    This blanked out the additional authentication rules attribute and my users were able to access the RP again.

    Note this fixed my problem and may not fix yours.

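An added example, not part of the thread or of any poster's code: before blanking `AdditionalAuthenticationRules` as in the answer above, list every place AD FS can demand MFA and save the rule text so the requirement can be restored. The function names and the backup path are hypothetical; the cmdlets come from the ADFS PowerShell module on the federation server.

```powershell
#Requires -RunAsAdministrator
# Added example. Run on an AD FS server; the ADFS module must be available.

function Get-AdfsMfaState {
    # Collects the settings that decide whether AD FS asks for strong authentication.
    [pscustomobject]@{
        # MFA providers enabled for the farm; rules that require MFA while this is
        # empty are consistent with the "no valid strong authentication method" error
        Providers   = (Get-AdfsGlobalAuthenticationPolicy).AdditionalAuthenticationProvider
        # Global claim rules that trigger MFA for all relying parties
        GlobalRules = (Get-AdfsAdditionalAuthenticationRule).AdditionalAuthenticationRules
        # Relying party trusts that carry their own MFA claim rules
        TrustRules  = Get-AdfsRelyingPartyTrust |
            Where-Object { -not [string]::IsNullOrWhiteSpace($_.AdditionalAuthenticationRules) } |
            Select-Object Name, Identifier, AdditionalAuthenticationRules
    }
}

function Clear-AdfsTrustMfaRules {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $Name,       # trust display name, e.g. $ThisRPT
        [string] $BackupDir = 'C:\AdfsRuleBackup'    # hypothetical path; pick your own
    )
    $rpt = Get-AdfsRelyingPartyTrust -Name $Name
    if (-not $rpt) { throw "No relying party trust named '$Name'." }
    $rules = [string]$rpt.AdditionalAuthenticationRules
    if ([string]::IsNullOrWhiteSpace($rules)) { return }   # nothing to clear

    # Save the rule text first so the MFA requirement can be put back later
    New-Item -ItemType Directory -Path $BackupDir -Force | Out-Null
    $safe = $Name -replace '[^\w.-]', '_'
    $file = Join-Path $BackupDir ("{0}-{1:yyyyMMdd-HHmmss}.rules.txt" -f $safe, (Get-Date))
    Set-Content -Path $file -Value $rules -Encoding UTF8

    if ($PSCmdlet.ShouldProcess($Name, 'Clear AdditionalAuthenticationRules')) {
        Set-AdfsRelyingPartyTrust -TargetName $Name -AdditionalAuthenticationRules $null
    }
    $file   # backup path; restore with:
    # Set-AdfsRelyingPartyTrust -TargetName $Name -AdditionalAuthenticationRules (Get-Content $file -Raw)
}

Get-AdfsMfaState | Format-List
# Dry run first (with -WhatIf nothing is written or changed):
# Clear-AdfsTrustMfaRules -Name '{Your RPT}' -WhatIf
```

Clearing the trust-level rules removes the MFA requirement for every user of that relying party, so review the `GlobalRules` and `TrustRules` output before running the function without `-WhatIf`.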