Migration to Modern Authentication in Microsoft 365

Background

Microsoft will remove the ability to use basic authentication as of October 1st, 2022. They will allow a one-time extension but the final deadline will be January 2023 with no possibility of further use. 

Cloud App Security used basic authentication to provision connectors, journal, connection filter, mail flow rules and phishing filters. Consequently, an affected customer who does not take action by September 30th will lose the ability to have changes be reflected in Microsoft when making changes to Protect (Inline) policies or removing lingering configuration when offboarding the application. Mail flow will not be affected.  

Resolution

Customers who onboarded Cloud App Security product to their Microsoft tenant before February 21st, 2022 must take action and follow the guidance below.  

To check if you are affected, please loginto your Microsoft 365 Admin Center |Users |Active Users and look for the presence of a 'sonicwall-service-user' that is a global admin. Do not delete this user yet. 

1. If this user is present, please login to CAS to reauthorize your application under Configuration |Cloud App Store |Outlook|Configure. 

2. Click on 'Re-Authorize SonicWall CAS Office365 Emails App'.

3. Continue for Step 1. 

4. Cloud App Security can be re-authorized using a different account than the one from which Cloud App Security was originally authorized, but the account must be a global administrator account within the same domain.

5. You must complete Step 2.

6. Accept Step 2.

7. Reauthorization is now complete. We will periodically run a script to migrate customers who have reauthorized to Modern Authentication over the next few weeks. Do not delete your sonicwall-service-user account until you verify that it has not signed in for the last 72 hours.