Forum Discussion

Viesturs's avatar
Viesturs
Copper Contributor
Oct 25, 2022
Solved

MS Teams, Unknown User Mac

Hello,    New users are shown by their name and department in MS Teams search but when chatting they are shown as Unknown User, they got office premium licence and all details input in Azure, users...
Administrator
microsoft teams
tips & tricks
  • kaaven's avatar
    kaaven
    Oct 25, 2022

    Viesturs 

    I did some research and an https://practical365.com/disable-azure-ad-accounts-teams/ gave clue. It seems when blocking an account (even later) it have major delays towards Micrsoft Teams. It also gave a PowerShell command to troubleshoot what happens.

     

    I would think that blocking the account might not be a best practice in your case. Would it be better to use conditional access to limit the user from logging in, thus not blocking login on account level, but require them to login from https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-location? This could give the desired effect without side effects.

     

    Regards.

     

Viesturs's avatar
Viesturs
Copper Contributor
Oct 25, 2022

kaaven Hey, thanks for the reply

 

How are the new users created in your tenant?

They are first created by power automate flow where they are assigned with company email and licences. At that point users are blocked from signing in. They are created straight away with proper names, emails, business structure etc

 

Is the problem present for all users in the organization?

Only new employees and not all of them which makes it strange cause the initial setup is the same. 

 

 

Yes, changes in azure might take some day or more as I have noticed to show up in teams. That's why I am wondering if that might be the problem cause teams do not get the info if user is blocked from signing in. And then when you unblock the user and reset psw the same joining day it only starts to sync with Azure not earlier. I am just wondering not sure if this might be the case.

 

kaaven's avatar
kaaven
Brass Contributor
Oct 25, 2022

Viesturs 

I did some research and an https://practical365.com/disable-azure-ad-accounts-teams/ gave clue. It seems when blocking an account (even later) it have major delays towards Micrsoft Teams. It also gave a PowerShell command to troubleshoot what happens.

 

I would think that blocking the account might not be a best practice in your case. Would it be better to use conditional access to limit the user from logging in, thus not blocking login on account level, but require them to login from https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-location? This could give the desired effect without side effects.

 

Regards.

 

  • Viesturs's avatar
    Viesturs
    Copper Contributor
    Oct 26, 2022
    I think this is just the thing I was looking for, cause the blocked sign-in we got by default to all new joiners which would make sense. As well in that material you sent it states quite clearly about it. I think we will just Unblock sign in earlier so it does not cause any problems. Thanks for all input!