SOLVED

RestrictSigninToPattern breaks logon into AAD tennant with Beta 83.0.487.37??

%3CLINGO-SUB%20id%3D%22lingo-sub-1415699%22%20slang%3D%22en-US%22%3ERestrictSigninToPattern%20breaks%20logon%20into%20AAD%20tennant%20with%20Beta%2083.0.487.37%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1415699%22%20slang%3D%22en-US%22%3E%3CP%3EGood%20morning%2C%3C%2FP%3E%3CP%3EThis%20morning%20I%20noticed%20that%20my%20profile%20was%20not%20synching%20to%20my%20AAD%20account%2C%20synchronisation%20not%20available.%3C%2FP%3E%3CP%3ETrying%20to%20fix%20this%20with%20logging%20off%20and%20on%20again%20I%20get%20the%20message%3A%3C%2FP%3E%3CP%3EYour%20system%20administrator%20has%20not%20granted%20login%20permissions%20for%20krsh%40han.nl.%20You%20can%20try%20another%20email%20address%20or%20contact%20the%20system%20administrator%20for%20more%20information.%26nbsp%3B%3C%2FP%3E%3CP%3EAfter%20removing%20the%20setting%20%22%3CSPAN%3ERestrictSigninToPattern%22%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fnl-nl%2FDeployEdge%2Fmicrosoft-edge-policies%23restrictsignintopattern%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fnl-nl%2FDeployEdge%2Fmicrosoft-edge-policies%23restrictsignintopattern%3C%2FA%3E%26nbsp%3Bwhich%20was%20set%20to%20our%20domain%20and%20worked%20nicely%20t'ilI%20last%20week%20I%20was%20able%20to%20logon%20again...%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3ECan%20somebody%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F41501%22%20target%3D%22_blank%22%3E%40microsoft%3C%2FA%3E%20look%20into%20this%3F%20We%20want%20to%20roll%20out%20Edge%20to%20%2B6000%20devices%20on%20the%2027th%20and%20we%20want%20to%20do%20that%20without%20these%20kind%20of%20issues.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3Eregards%2C%20Henno%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1415767%22%20slang%3D%22en-US%22%3ERe%3A%20RestrictSigninToPattern%20breaks%20logon%20into%20AAD%20tennant%20with%20Beta%2083.0.487.37%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1415767%22%20slang%3D%22en-US%22%3EAnd%20works%20again%2C%20seems%20a%20small%20glitch%20in%20AAD%20for%20a%20couple%20of%20minutes.%20I%20hope%20we%20don't%20get%20that%20on%20the%2027th...%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1418931%22%20slang%3D%22en-US%22%3ERe%3A%20RestrictSigninToPattern%20breaks%20logon%20into%20AAD%20tennant%20with%20Beta%2083.0.487.37%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1418931%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F400875%22%20target%3D%22_blank%22%3E%40Henno_Keers%3C%2FA%3E%26nbsp%3BThanks%20for%20bringing%20this%20to%20our%20attention.%20I'm%20glad%20to%20hear%20that%20this%20is%20working%20again%2C%20but%20I'll%20still%20check-in%20with%20our%20Sync%20and%20Identity%20teams%20and%20let%20you%20know%20if%20they%20have%20any%20further%20thoughts.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CI%3EFawkes%20(they%2Fthem)%3CBR%20%2F%3E%3CBR%20%2F%3EProject%20%26amp%3B%20Community%20Manager%20-%20Microsoft%20Edge%3CI%3E%3C%2FI%3E%3C%2FI%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1420541%22%20slang%3D%22en-US%22%3ERe%3A%20RestrictSigninToPattern%20breaks%20logon%20into%20AAD%20tennant%20with%20Beta%2083.0.487.37%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1420541%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F484598%22%20target%3D%22_blank%22%3E%40fawkes%3C%2FA%3E%26nbsp%3Bwe%20found%20out%20this%20morning%2C%20shortly%20before%20rollout%2C%20that%20we%20made%20a%20small%20error%20in%20how%20the%20RestrictSigninToPattern%20setting%20was%20configured.%3C%2FP%3E%3CP%3EIt%20should%20have%20read%3A%20.*han.nl%3C%2FP%3E%3CP%3EBut%20was%3A%20*han.nl%3C%2FP%3E%3CP%3ESmall%20thing%2C%20missing%20a%20.%20When%20trying%20to%20logon%20users%20where%20confronted%20with%3A%3C%2FP%3E%3CP%3E%22%3CSPAN%3EYour%20system%20Administrator%20has%20not%20granted%20user%40han.nl%20signin%20permissions%22%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3EOh%20well....%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3Eregards%2C%20Henno%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1421585%22%20slang%3D%22en-US%22%3ERe%3A%20RestrictSigninToPattern%20breaks%20logon%20into%20AAD%20tennant%20with%20Beta%2083.0.487.37%3F%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1421585%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F400875%22%20target%3D%22_blank%22%3E%40Henno_Keers%3C%2FA%3E%26nbsp%3BGlad%20to%20hear%20that%20it%20was%20an%20easy%20fix%3B%20we%20love%20those!%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CI%3EFawkes%20(they%2Fthem)%3CBR%20%2F%3E%3CBR%20%2F%3EProject%20%26amp%3B%20Community%20Manager%20-%20Microsoft%20Edge%3CI%3E%3C%2FI%3E%3C%2FI%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Frequent Contributor

Good morning,

This morning I noticed that my profile was not synching to my AAD account, synchronisation not available.

Trying to fix this with logging off and on again I get the message:

Your system administrator has not granted login permissions for krsh@han.nl. You can try another email address or contact the system administrator for more information. 

After removing the setting "RestrictSigninToPattern" https://docs.microsoft.com/nl-nl/DeployEdge/microsoft-edge-policies#restrictsignintopattern which was set to our domain and worked nicely t'ilI last week I was able to logon again...

Can somebody @microsoft look into this? We want to roll out Edge to +6000 devices on the 27th and we want to do that without these kind of issues.

 

regards, Henno

 

 

4 Replies
Highlighted
And works again, seems a small glitch in AAD for a couple of minutes. I hope we don't get that on the 27th...
Highlighted

@Henno_Keers Thanks for bringing this to our attention. I'm glad to hear that this is working again, but I'll still check-in with our Sync and Identity teams and let you know if they have any further thoughts.

 

Fawkes (they/them)
Project & Community Manager - Microsoft Edge

Highlighted
Solution

@fawkes we found out this morning, shortly before rollout, that we made a small error in how the RestrictSigninToPattern setting was configured.

It should have read: .*han.nl

But was: *han.nl

Small thing, missing a . When trying to logon users where confronted with:

"Your system Administrator has not granted user@han.nl signin permissions"

 

Oh well....

 

regards, Henno

Highlighted

@Henno_Keers Glad to hear that it was an easy fix; we love those!

 

Fawkes (they/them)
Project & Community Manager - Microsoft Edge