question

mgateno avatar image
0 Votes"
mgateno asked DanKloeppel-2052 commented

Cannot save sign-in risk policy

I'm trying to enforce an automatic block on a user sign-in risk detection.

Under Home-Security-Identity Protection. I was able to enable enforcement of the User Risk Policy, but when I try to enable enforcement of the Sign-in risk policy I get an error saying "Unable to save Azure AD sign-in risk policy"

No other details are provided in the error message.

azure-ad-hybrid-identity
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

MarileeTurscak-MSFT avatar image
0 Votes"
MarileeTurscak-MSFT answered

Hi @MarcoGateoCh-5186,

Thank you for your post! Please ensure that you are using an account that is either a global administrator, security administrator, or Conditional Access administrator.

You also need an Azure AD Premium P2 license to apply the policies, as noted here: https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/overview-identity-protection

If you are still having this issue after meeting those prerequisites, please share the screenshot of the error and I will help troubleshoot.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

WuAlan-0249 avatar image
0 Votes"
WuAlan-0249 answered

We have Azure AD P2 license and I logged in as a global administrator and still I got error while trying to enable and save the Sign-in Risk policy and User Risk Policy.
Any idea?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

$$ANON_USER$$ avatar image
0 Votes"
$$ANON_USER$$ answered

I just experienced the same difficulty despite having the two requirements : Global Admin and P2 license. Any thoughts?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

$$ANON_USER$$ avatar image
0 Votes"
$$ANON_USER$$ answered

Ah! Found the solution. It seems you can't activate the sign in risk policy more than once, using different log in credentials from different domains. I just logged in with my second log in credentials (from one domain) with P2 license and Global Admin, disabled user sign in policy using those and then swapped back in with the log in credentials I had problems with(from another domain) and viola, I was able to save the user sign in risk policy.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JuhaPalomki-7202 avatar image
0 Votes"
JuhaPalomki-7202 answered DanKloeppel-2052 commented

Got the same error message, problem was cached data. The policy appeared as disabled, while it actually was already enabled. Noticed this when I logged in from privacy browser session.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Thank you for the tip. This worked for me as well.

0 Votes 0 ·
herland avatar image
0 Votes"
herland answered herland edited

Nel mio caso basta attendere qualche minuto e riprovare, ha funzionato

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.