Azure AD Direct Connect access denied

Iron Contributor

Hi.

We've set up Direct Connect for the first time between two of our tenants.

We've configured the External Identities -> Cross-tenant access settings exactly the same on both.

But on both we get this error message when attempting to access a Sharepoint site from each tenant:

 

5.png

 

Here're the settings (same for both tenants):

 

0.png1.png

 

 

2.png

 

 

3.png

 

 

4.png

 

I cannot figure out why access would be blocked as these settings seem to be the most permissive possible.

 

Thanks for your help.

7 Replies
what settings you have in your external collaboration settings ?

@eliekarkafy you mean this here?

msedge_2023-05-11_15-23-35.png

ok , do you have a policy applied on your Users ? conditional access policy that blocked them from connecting to external location ?
I checked but cannot see anything in that regard.
Firstly, we do have policies in place but I'm not aware that you can restrict external connections with condition access policies.

Secondly, the target tenant for Direct Connect has zero policies in place.

Thirdly, the behaviour is the same for both tenants.
Calling tenant B from A says access is blocked by organization and calling from A from B says the same.
Double check all your external collaborations settings. Also try to remove the organizations from both side and readd them and set your settings to allow the access and test again
Will do. I also opened a case with the Azure support for this. If this ever get's solved I'll be likely to post a solution here.