I had issues in my lab environment that i could not access the settings for defender for Microsoft 365 Connector. I was just asked to login again. With error AADSTS50131.

I looked for risky users in the Identity Protection portal. And the account was listed with a medium risk. I looked and all policies was disabled under risky users and I also looked in conditional access policy but no risk policies was enabled for this account. I than continued to Azure AD and looked at the sign-in logs for the account. I could see a failure but with no policy applied.

  1. No conditonal access policy was applied
  2. Sign-in error

We can also see that the service is WindowsDefenderATP the good old name=). Since it’s an old name I did go for the legacy policies instead. And there it was. Activated and applied. I turned of the policy and after that I was able to access the Microsoft 365 Defender Connector in Sentinel again.

Hope this can help if you get in the same trouble as I did.