Forum Discussion
User invited as guest to another Teams org sign-in blocked
Hi,
We have some users in our organization (Office 365) who have been invited as guests to Teams, by a number of different external organisations. However, upon our user's attempting to login, they receive the O365 popup message: "Sign in was Blocked. We've Detected something unusual about this sign-in."
Note: Our users have MFA enabled in O365 and we are using modern authorization (with no app passwords).
While I am inclined to think this would be related to something on the other organisation's side since they invited, I want to be sure first. Also, this sign-in blocked message only seems to appear when they attempt to login to Teams from external organizations and not ever if they simply login to their OWA or Outlook or any other O365 resource.
Our Teams org settings are basically wide open and not blocking or restricting anything related to guest invitations or external domains.
Thanks in advance for any help you can offer.
If you're getting a message about your account being blocked because it's been flagged as being risky you need to contact your home tenants admin and have them remove the "Risky user" using the Azure Portal: Azure Portal -> Azure Active Directory -> Security -> Risky Users. Then select the user and press “Dismiss all events”.
Microsoft recently enabled a policy that blocks all risky users from logging in.
Hope this helps
If you're getting a message about your account being blocked because it's been flagged as being risky you need to contact your home tenants admin and have them remove the "Risky user" using the Azure Portal: Azure Portal -> Azure Active Directory -> Security -> Risky Users. Then select the user and press “Dismiss all events”.
Microsoft recently enabled a policy that blocks all risky users from logging in.
Hope this helps
Paul_Keijzers thanks this worked a treat !
- This worked for me! Thanks!
I am getting the same error message. Here is the scenario.
My domain is tenica-gs.com. I was invited as a guest to a Microsoft Corporate Team.
My question is, based on your previous response, do I have to do something in tenica-gs.com AD or does Microsoft have to do something in their AD?
Thanks,
Wesley
Hi macolo - you're not alone - lots of people talking about this on Twitter this morning, too. I think there's a bug...
Kelly_Edinger Thank you for replying - I was not aware of wider issue.
Hopefully this gets resolved or someone out there knows a bit more about the underlying issues. Still facing this error for multiple users unfortunately.
Trey34 did you try my solution??
