Forum Discussion
MS Teams, Unknown User Mac
- Oct 25, 2022
I did some research and an https://practical365.com/disable-azure-ad-accounts-teams/ gave clue. It seems when blocking an account (even later) it have major delays towards Micrsoft Teams. It also gave a PowerShell command to troubleshoot what happens.
I would think that blocking the account might not be a best practice in your case. Would it be better to use conditional access to limit the user from logging in, thus not blocking login on account level, but require them to login from https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-location? This could give the desired effect without side effects.
Regards.
kaaven Hey, thanks for the reply
How are the new users created in your tenant?
They are first created by power automate flow where they are assigned with company email and licences. At that point users are blocked from signing in. They are created straight away with proper names, emails, business structure etc
Is the problem present for all users in the organization?
Only new employees and not all of them which makes it strange cause the initial setup is the same.
Yes, changes in azure might take some day or more as I have noticed to show up in teams. That's why I am wondering if that might be the problem cause teams do not get the info if user is blocked from signing in. And then when you unblock the user and reset psw the same joining day it only starts to sync with Azure not earlier. I am just wondering not sure if this might be the case.
I did some research and an https://practical365.com/disable-azure-ad-accounts-teams/ gave clue. It seems when blocking an account (even later) it have major delays towards Micrsoft Teams. It also gave a PowerShell command to troubleshoot what happens.
I would think that blocking the account might not be a best practice in your case. Would it be better to use conditional access to limit the user from logging in, thus not blocking login on account level, but require them to login from https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-location? This could give the desired effect without side effects.
Regards.
- ViestursOct 26, 2022Copper ContributorI think this is just the thing I was looking for, cause the blocked sign-in we got by default to all new joiners which would make sense. As well in that material you sent it states quite clearly about it. I think we will just Unblock sign in earlier so it does not cause any problems. Thanks for all input!