TEAM: Huntress Managed Identity Threat Detection and Response (ITDR, formerly MDR for Microsoft 365)
SUMMARY: AADSTS Errors for Huntress Managed Identity Threat Detection and Response
The error I have is not listed
Please open a Huntress support ticket. The team can assist you faster if you include the Sign-in Logs for the impacted tenant, filtered to the authenticated identity.
AADSTS50076
AADSTS530004
Why? Non-Windows devices, e.g., the Huntress Service, are blocked from completing MFA.
Fix! Add a Conditional Access Policy account exclusion (non-compliant, non-managed) for the Huntress Service Account.
AADSTS65001
AADSTS50173
Why? The authorizing user's password has been reset.
Fix!
- Delete and re-auth the integration
AADSTS50020
AADSTS50173
Why? The authorizing user has reset their password, which has invalidated the Huntress Microsoft 365 integration.
Fix! Use a dedicated service account without password rotation requirements, or reset the Huntress Microsoft 365 integration at each password reset.
AADSTS500212
Why? WIP
Fix! Unblock per https://learn.microsoft.com/en-us/azure/active-directory/external-identities/cross-tenant-access-settings-b2b-collaboration#before-you-begin
AADSTS50079
Why? The user is not enrolled in MFA.
Fix!
- Enroll the Huntress Service Account in MFA
AADSTS530032
Why? Identity protection is blocking the dedicated Huntress service account.
Fix!
- Access the Risky User Report and dismiss the Huntress Service Account's user risk.
This error may take some time to clear. Relevant Microsoft KB