Scenario: you enable multi-factor authentication (MFA) for a user in Office 365, they go through and configure it but then they keep getting prompted for credentials in Outlook and can’t proceed.
The prompt box is the old school type and not the modern authentication style.
Modern auth may be disabled on the tenant.
Run this PowerShell against the tenant:
Get-OrganizationConfig | Format-Table Name,OAuth* -Auto
If it gives false, modern auth needs enabled and this is your issue.
Run this to enable it. Takes affect nearly immediately and no negative impact:
Set-OrganizationConfig -OAuth2ClientProfileEnabled $true
Jason works as a project specialist at an IT MSP in Erie, Pennsylvania, USA. He’s an IT/security professional with 19 years experience.