Hi All,
I am hoping someone can shed some light on this. One of my customers tenant has Azure sign-in failures against CMG client app.
CMG is functional and I am not seeing any obvious issues. There is a CA policy in place to enforce MFA for admins which is failing and is applied for all cloud apps.
Is this normal? Does one need to exclude the ConfigMgr-Server App to fix this?
Excluding the ConfigMgr-Client App from the CA policy is certainly something I would try since that's what's listed in the failures and enforcing it for this app really has no value.
Thanks Jason. Since the resource app is listed as ConfigMgr-Server app in the sign-in data, I excluded that in the CA policy of MFA and that cleared the sign-in errors immediately. Also, I couldn't find ConfigMgr-Client App for exclusions.
While this certainly fixes things and leaving the technical aspect of CA policy aside, I am curious whether excluding the CMG app in CA policy like this is an expected configuration setting or not because I haven't found anything in the official docs that would suggest this as a requirement.
7 people are following this question.
