TEAM: Huntress Managed Identity Threat Detection and Response (ITDR, formerly MDR for Microsoft 365)
ENVIRONMENT: Microsoft Azure Portal
SUMMARY: Steps on how to fix AADSTS53003 errors for Huntress Managed Identity Threat Detection and Response
This error results from a missing permission or AD role that causes the Huntress Security Platform's Microsoft 365 User MFA Visibility component to fail.
It is caused in one of two ways:
- The Huntress Security Platform Enterprise Application does not have the Reports.Read.All permission.
  To verify and fix:
  - Navigate to the enterprise applications list in the Azure portal.
  - Select the Huntress Security Platform application from the list.
  - In the left-hand menu, under the Security sub-menu, select Permissions.
  - Review the list of permissions for Reports.Read.All.
  - If it is not present, reauthorize the Huntress Security Platform application.
- The HuntressAdmin@domain.tld user account that authorized the Huntress Security Platform integration is not a member of a Security Group, under the respective Admin Relationship for that Microsoft 365 tenant, that includes the Security Administrator role.
  To verify and fix:
  - Navigate to administrative relationships in the partner center.
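For the first cause above, the Reports.Read.All check can also be run over the application's grants exported from Microsoft Graph. The following is an added example, not Huntress code and not part of the original article. It assumes the JSON was already fetched from /servicePrincipals/{id}/appRoleAssignments and /servicePrincipals/{id}/oauth2PermissionGrants, and it goes beyond the portal steps by reporting whether the permission is an application or a delegated grant and how far it reaches. The function name, the sample data and every ID are hypothetical.

```python
TARGET = "Reports.Read.All"

def find_permission(resource_sp, app_role_assignments, oauth2_grants, target=TARGET):
    """Return [(kind, reach), ...] for every grant of `target` held by the app.

    resource_sp:          Microsoft Graph's own service principal (id + appRoles)
    app_role_assignments: value[] of the app's appRoleAssignments
    oauth2_grants:        value[] of the app's oauth2PermissionGrants
    """
    # Compare case-insensitively: the article itself spells the name two ways.
    want = target.lower()
    # Application permissions are stored as appRoleId values; resolve by name.
    role_ids = {r["id"] for r in resource_sp.get("appRoles", [])
                if (r.get("value") or "").lower() == want}
    findings = []
    for a in app_role_assignments:
        if a.get("resourceId") == resource_sp["id"] and a.get("appRoleId") in role_ids:
            findings.append(("application", "tenant-wide"))
    # Delegated permissions are one space-separated scope string per grant.
    for g in oauth2_grants:
        if g.get("resourceId") != resource_sp["id"]:
            continue
        scopes = {s.lower() for s in (g.get("scope") or "").split()}
        if want in scopes:
            # "AllPrincipals" is admin consent for all users;
            # "Principal" is consent recorded for one user only.
            if g.get("consentType") == "AllPrincipals":
                findings.append(("delegated", "tenant-wide"))
            else:
                findings.append(("delegated", "user:" + str(g.get("principalId"))))
    return findings

# Constructed sample data; all IDs are placeholders, not real tenant values.
GRAPH_SP = {"id": "sp-graph", "appRoles": [
    {"id": "role-reports", "value": "Reports.Read.All"},
    {"id": "role-audit", "value": "AuditLog.Read.All"}]}
APP_ROLES = [{"resourceId": "sp-graph", "appRoleId": "role-audit"}]
GRANTS = [{"resourceId": "sp-graph", "consentType": "Principal",
           "principalId": "user-1", "scope": " User.Read reports.read.all"}]

if __name__ == "__main__":
    found = find_permission(GRAPH_SP, APP_ROLES, GRANTS)
    if not found:
        print("Reports.Read.All not present: reauthorize the application")
    for kind, reach in found:
        print(f"Reports.Read.All present as {kind} permission ({reach})")
```

An empty result corresponds to the "not present" case in the steps above.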