Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

MS Teams Invitation redemption & Self service account sign up is disabled

Iron Contributor

Hi there,

I am invited to join a MS Teams group from another organization. when I try to redeem the invitation , it asks me create a password  and display name rather than allowing me to Sign in using my Microsoft Account (Since my organisation does not have a Azure AD yet).

 

1.PNG

But when I try to go through by creating a password, then I get an error that:

2.PNG

"We cannot create a self-service Azure AD account for you because has <orga name> disabled self-service account sign-up by email validation. Ask admin to enable EmailVerified users or create an account for you."

 My organisation does not have any Azure AD and I have a Microsoft Account created using my official email id.

What is going on here? Any help is much appreciated :)

 

 

9 Replies

Hi Unnie,

 

Please check with the company inviting you to collaborate, this error occurs when external collaboration has been restricted.

 

Settings to query:

  1. Members can invite
  2. Guests can invite
  3. Collaboration restrictions

 External Collaboration Settings.PNG

@ThinkSync Please show exactly where to set this permissions.
I can't find that in Azure under Groups.

Hi@Tvermoes exact info:

 

 

  1. Sign in to https://portal.azure.com

  2. Click Azure Active directory in the left pane.

  3. Under Manage, click User settings.

  4. Under External users, click Manage External collaboration settings.

 

@Tvermoes is this issue resolves after following the below steps

@unnie ayilliath 

 

I have exactly this same problem, but my domain is on GSuite! There is no such collaboration setting. 

What to do ? 

@ThinkSync 

 

That is not correct.

They have already received an invite, so their external collaboration settings are fine otherwise they would not have been able to send the invite in the first place.

The issue is because the user of the receiving organisation has not allowed them self service sign up. Probably because they either don't yet have their domain in Azure AD or they do but have not setup that person in Azure AD yet.

The receiving organisation need to action this, either allow self service sign up for their Azure AD domain, create the persons account in their Azure AD or if they have local AD they could sync their local AD with Azure AD to automatically create the accounts in Azure AD.

 

https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-self-service-si...

 

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-whatis

 

@a-yates True, but the problem is my org do not have Azure AD , so naturally I must be asked to create a Microsoft account for my email or use my existing Microsoft account attached to that email. But strangely, this does not happen, am suspicious that maybe some IT PRO in our org created a dummy Azure Ad with my org name and probably added it with our org domain.

Hi @unnie ayilliath, about "some IT PRO in our org created a dummy Azure Ad with my org name and probably added it with our org domain" I assuming that you are referring a public domain, if so, you can check that consulting the DNS records (ie https://dnschecker.org) and if the domain has TXT record like MS=ms########  <- The '#' is just a numbers, the domain has been added as a custom domain to Azure services like Azure AD.

@ricardo thanks , I do not see that entry. So the issue is something else :(