Forum Discussion
Public Teams Live Event prevents MSFT accounts from joining
- Hi grommit,
Have raised a uservoice for you here
https://microsoftteams.uservoice.com/forums/555103-public/suggestions/43875447-support-msa-accounts-in-public-live-event
Would recommend to vote up to push it up the agenda. Whilst uservoice will end soon these will be moved to a new system at some point so it's important to make sure it's on there for Microsoft line of sight. I would mention it on AMA's here in the Teams community and I will also pass it along to the product and engineering team later this week.
Hope that answers your question
Best, Chris
Teams App
1. I had the Teams windows app up and running, logged in using my MSFT personal account.
2. I opened Edge (New/Chromium) then browsed to the public Teams Live Event url
3. The Teams windows app flashed up automatically, but rather then the expected logged in session I had before I was prompted with the below Live Event Sign In page.
4. Clicked sign-in, if memory serves my MSFT personal account was displayed so only had to accept the MFA prompt to allow this from my MSFT authenticator app.
5. Now stuck on “We just need to sign in, and then we’ll get you to your meeting“ for about 1 minute which then changes back to ‘Welcome to the live event!’ sign in page.
6. If I select Sign In again, I go through the same logon failure loop.
7. If I select Join anonymously I join the Teams Live Event without issue.
8. If I select Sign In again but provide my M365 Business work account details it works fine, different tenant to the organizser, I'm not a guest on that tenant, I wasn't invited directly to the meeting.
This is broken and not user friendly.
I've not tested from my mobile, but the M365 tenant which created the public Teams Live Event has that SharePoint Online/Onedrive setting enabled to limit un-managed devices to web access only, no apps. This may explain why the Teams app on mobile logged into using MSFT personal account threw error about needing to be a managed device, however this is a PUBLIC Teams Live Event so should just work for anyone, MSFT 365 Business accounts and MSFT Personal accounts AND anonymous.
Teams webpage
0. Set Edge (New/Chromium) to not open Teams app
1. Logon to the Teams webpage using my MSFT personal account.
2. Browsed to the public Teams Live Event url
3. Select Watch on the web instead
4. Flashes between "We're sorry - weve run into an issue" and trying again until finally gets stuck on "To open the web app, change your browser settings to allow third-party cookies or allow certain trusted domains. Try again If that doesn't work, try signing out and back in."
Teams webpage in-private
0. Delete application link that opens Team URL in Teams app
1. Open Edge (New/Chromium) in-private
2. Select watch on web
3. Select Sign in
4. Entered MSFT personal account username
5. Accepted passwordless MFA prompt to select number from MSFT authenticator app
6. MSFT sign message
Microsoft
Sign in
Sorry, but we’re having trouble with signing you in.
AADSTS50020: User account '%MY MSFT PERSONAL ACCOUNT%' from identity provider 'live.com' does not exist in tenant '%PUBLIC TEAMS LIVE EVENT ORGANISER DOMAIN%' and cannot access the application '5'(Microsoft Teams Web Client) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account.
This is ridiculous, as if something can be access anonymously then why all the issues when trying to access the same thing whilst authenticated to MSFT using MSFT personal account.
How many people have given up trying to connect to public Teams Live Events, because they have MSFT personal accounts and get logon loops or unhelpful error messages? This is extremely poor, even by MSFTs low standards.
grommit I can understand the frustration. But as we're talking about public events anyone can join, not anyone can sign in. If you're trying to sign in with an anonymous account (not a guest user or trusted/federated user) it will not work as the account isn't added to your org. in any way. You can actually read this in the "error message" you get. If these "live accounts" where added to the org. it would work to select the sign-in option.
ChrisHoardMVP Perhaps my MS account wasn't the best one to test with as I do have a Teams free org. associated with that as well. But, I was properly signed out of all sessions and only signed in to Teams for Personal use, both online and desktop. I did notice though right now that the icon changes from the white personal to the blue business when connecting to the live event. So perhaps I should create a brand new @outlook.com account and test again.
- The logon loop doesn't help anyone.
The mobile device is not managed error doesn't help anyone.
The not a tenant guest error message doesn't help anyone except for tech support.
Public Teams Live Event would be created for the public I would think, in order for the public to access and watch the event.... known people and unknown people. Yet a bunch of people cannot access the event because of logon loops or weird error messages... because they have and are using MSFT personal accounts. That is insane.
If LOGON to the public Teams Live Event is the issue then throw up a message that says just that, something like "Hey, we see you are using a MSFT personal account. Unfortunately it is not currently possible to sign in to a Teams Live Event unless you're a guest of the M365 Business tenant that organized the event. No, you cannot sign in even if it is a public event. Please access the public Teams Live Event anonymously using this link. Alternatively wait and you will be joined anonymously to the even in in 5, 4, 3, 2, 1. "
Is that so hard? No, it is straightforward and simple but for whatever reason people are paid exceedingly well these days to develop shoddy software and services.
My MSFT personal live.co.uk account is just that, not associated with a MSFT Business logon to my knowledge.
My MSFT Business logon should also be standalone, not associated with any MSFT personal service.
Create Teams Live event (Public)
Visit URL in an in-private tab
Click option to stay on website
Click option to sign in
Enter your MSFT personal account details
I've had this issue occur with both of my 2xlive.co.uk MSFT personal accounts.
3rd party external unknown user had it occur with their hotmail.com MSFT personal account.
Member of staff tested before contacting me to report the issue, they have problem with their MSFT personal account gmail.com logon.
3rd party external unknown user with outlook.com MSFT pesonal account had issue with Teams app on mobile reporting that device was unmanged hence not allowed to access.
This is a public Teams LIve Event, no attendees nor anyone invited.
Just create Teams Live Event, choose time, set to public, complete, copy and share URL.
None of the gmail.com, hotmail.com, outlook.com nor live.co.uk accounts are guests in the M365 business tenant that created the meeting.- We're trying to help you know. We'll take it further!
- Aye, ta.
Do I need to be like upgraded before can like others posts?
I can mark as best answer, but there is no option to like a post only see if it has been liked and who liked it.
- For sure. I think we kind of nailed it here, the experience is inconsistent, spectral and it's not exactly intuitive which would impact your day to day users. Not a clean experience - kind of like the differing meeting experience depending on whether you were part of the org, a guest, a fed user or anon. It's definitely something which could be referred for the team to look at because I don't think this feedback is going to be the exception 😄
- Totally agree. I've probably assisted with hundreds of issues related to credentials, loops, weird error messages and which type of user it was. Been having them myself needing to wipe the autostart settings (LoggedInOnce, HomeUserUpn etc.). When you send feedback to the team tell them I'm with you ;D
- I've had to remove machines from Azure AD Join then rejoin then to sort some issues.
I just wish MSFT support, MSFT 365 support, Azure AD support etc etc etc were all authorized to say "Yes, that is a bug. Thank you for reporting that to us, we will pass along all the evidence to the appropriate team. Here is a URL to the bug which you can share and track progress".
MSFT support told me to create a website to inform unknown attendees how make sure their browser is not set to open links in Teams, then to join the meeting using in-private tab and the anonymous option. Then spouted other utter ridiculousness.
I explain the issue when creating the support ticket, with screenshot.
Then they call and want a demo, so go through that.
Then they email and want a break down with screenshots, which was provided when created the ticket and again when they called the first time and issue was demo'd, so do that.
They they say the spoke to some support duper team and it is known that MSFT personal accounts cannot sign in.
Ask for documentation so I can go back to my client, there is none.
Ask for an email saying what they told me verbally, so I can provide that as documentation. Just a long long email with loads of links posted in none of which states what they told me verbally.
Query when it will be fixed, because we'll end up as have already with external parties not being able to join. Told to provide examples AGAIN.
Just venting.
I miss DOS 6.22, everything just worked once you'd got your batch sorted to load different mem configs. Turns out DOS was someone else's code that MSFT purchased then just changed a few bits like A:\ to be C:\, so no wonder it just worked.
I was impressed when MSFT created Teams rather then buying Slack, but now they should have just again bought someone else's code so it just worked.