Forum Discussion

Busted1942's avatar
Busted1942
Brass Contributor
Feb 10, 2020

Misleading Error Message 53004

I wanted to document an issue I have spent a few months on (off and on) in hopes that the error messaging might be improved.  The use case is that I can sign-in to Teams however, when I tried to swit...
developer
Guest Access
microsoft teams
Gousia_Begum's avatar
Gousia_Begum
Former Employee
Feb 17, 2020

Busted1942 Looking at the correlation id, the guest user was marked as High Risk by his home tenant and the solution is guest users home tenant should deflag that event.

Tomaszf's avatar
Tomaszf
Copper Contributor
Apr 16, 2020

Gousia_Begum 

hello,

can you provide repo steps how to do this?

  • Busted1942's avatar
    Busted1942
    Brass Contributor
    Apr 16, 2020

    Tomaszfand @Gousia_Begum,

     

    Trigger a risky user sign-in event to show up for a test user in Azure Portal>Azure Active Directory>Security>Risk Detections and then try to change Orgs with that user in MS Teams.

    • Tomaszf's avatar
      Tomaszf
      Copper Contributor
      Apr 16, 2020

      Busted1942 

       

      thanks

       

      i got other kind of issue, maybe i can shortly describe it.

      external user(customer) cannot log in to our tenant (Teams/AzureDevOps) with his account.

      when loggin in hes asked to provide MFA and so on. but he CANT - its not possible because he cannot login to set mfa..so we have a loop.

      so i created another user in his tenant, logged into mine - works...so hes using this second account.

       

      maybe you can advise me what to do...some users are asked to provide MFA some not.

      in conditional access policy i have excluded external users

       

       

       

       

      Ihre Anmeldung wurde gesperrt
      Bei dieser Anmeldung ist uns etwas Ungewöhnliches aufgefallen. Dies kann beispielsweise auf eine Anmeldung über einen neuen Ort, ein neues Gerät oder eine neue App zurückzuführen sein. Bevor Sie fortfahren können, müssen wir Ihre Identität überprüfen. Wenden Sie sich an Ihren Administrator.
      https://login.microsoftonline.com/1f5f7c94-26bf-4752-8f12-e2844e5682b8/reprocess?prompt=select_account&sosid=2ae752e2-9005-4cf0-8943-2fbe0df729e4&ctx=rQIIAYWQvUscQRjGd27vzrsjELEIEogobCGR2Z2Znc8DISJc5PxCUsQiFjuzs1mFY_V2JcE_QCwtg2WKFJYWIpoiaa0sRQRbEQRLSyd_QXjhgZf3fR5-PJ0GDlGo3vs4xN2A2dhYbhAkGmeQEsmgTKmGglkrpJuY8uFYZ3Tly-mrd4-dD2dTjb_PG_O_joB3DCbyqtouu1FU2WRQhoNNMyzKIqtCUwyir8UZAFcA3ANwXAssYQYzTqFEjEEaMwUTYxNIdawUS0nCubipvV6d261y8k-K4eaePfKDVGCEcKqdMXWAkiRQOlZouNaSq1RklJ_4Ac5YJoyikHDt3gQjUGaYQEskpZZx55HnfkAS606WQIWQwzAZglLRGJJMW5cviLL02gdXdfBQf9MCo954e9KbHkF-t9XquM2b9J7r4GfDNTL87V38ud1f-XE3eFvF3LtsRGusXNIL-c56r9rtf56hvcX1aPlTviC-b8mPi6s0UUs7vWWRb1XfZnkXHzabl81av3xqgoMR77z9nzpfAA2
      https://login.microsoftonline.com/1f5f7c94-26bf-4752-8f12-e2844e5682b8/oauth2/authorize?response_type=id_token&client_id=5e3ce6c0-2b1f-4285-8d4b-75ee78787346&redirect_uri=https%3A%2F%2Fteams.microsoft.com%2Fgo&state=d71001db-80df-482a-82b1-c6bb869d7f46&&client-request-id=0cb65c4e-ed1d-400a-b821-05c1f85d43a6&x-client-SKU=Js&x-client-Ver=1.0.9&nonce=e25c1564-8055-4359-acea-4b3995d2a667&domain_hint=#
      Request Id: bb00bc72-dcc0-4e86-98df-6d1a74333600
      Correlation Id: 0cb65c4e-ed1d-400a-b821-05c1f85d43a6
      Timestamp: 2020-03-24T09:03:04.003Z
      App-Name: Microsoft Teams Web Client
      App-ID: 5e3ce6c0-2b1f-4285-8d4b-75ee78787346
      IP-Adresse: 77.20.253.212
      Gerätebezeichner: Nicht verfügbar
      Geräteplattform: Windows 10
      Gerätestatus: Unregistered
      Erweiterte Diagnose: https://login.microsoftonline.com/common/debugmode
      Wenn Sie Support zu einem Problem anfordern möchten, aktivieren Sie diese Option, und versuchen Sie, den Fehler zu reproduzieren. Auf diese Weise werden zusätzliche Informationen gesammelt, die zur Problembehandlung beitragen
      • Busted1942's avatar
        Busted1942
        Brass Contributor
        Apr 16, 2020

        Tomaszf,

         

        Did you check risky sign-ins for an event with his username?  Resolving the risky user sign-in was the resolution in my case when there was no other clues on where to look.  You can find that under Azure Portal> Azure Active Directory> Security> Risky users...

Resources