I've been working on integrating some on-premise servers with Azure Arc for update management. Everything was going smoothly until recently. After running the onboarding script, I encountered an error during the authentication process. It states that MFA validation is required, specifically stating: 'Resource 'servername' was disallowed by Azure: You are receiving this error because you tried to create, update or delete Azure resources without authenticating through MFA. User accounts must be authenticated through MFA to manage your resources.' The strange part is that I never receive an MFA prompt during the script execution, although I do get the prompt when logging into the Azure portal through a browser. Has anyone else faced this issue or have any advice before I consider raising a support ticket?
1 Answer
It sounds like you need to ensure that your console session is properly authenticated. You can try using `Connect-AzAccount` in Azure PowerShell or `az login` in Azure CLI to authenticate and possibly trigger the MFA prompt properly. It's important to verify that your session settings reflect the requirements for MFA access.
Just to clarify, do I need to install the Az PowerShell modules on every server I'm onboarding? Last week, I onboarded five servers without them, and the script didn't mention any Az modules—it just used the Azure Arc agent.