Hi there, 

I have a weird o365 user issue, the symptom is Outlook keeps asking for password, after a couple  of days troubleshooting, here are what I found: 

1. Our Domain is federated using ADFS, with Azure MFA enabled, no issue there. all users are authenticated fine.

2. One user changed his password couple weeks ago, then he got a new phone number, he reconfigured the MFA, all of sudden, Outlook started to ask for password again and again. 

3. He can login to OWA, Sharepoint Online, Teams app on the laptop, Onedrive App on laptop, Mail app on phone, Mail app on laptop. Only Outlook keeps asking for password. 

4. I tried a couple of different laptops with his credential, all have the same issue with Outlook. This rules out the Outlook client on his laptop. 

5. When I use Microsoft Support and Recovery Assistant tool to check Outlook connection, and here is the weird part, it fails on Domain Registration Check, it says, "We can't find this Office 365 domain: (****.com)". I also noticed these two values in the support information "DomainRegistrationState:4,DomainRegistrationUserState:1"

6. I compare this to a working federated user,  the value is "DomainRegistrationState:3,DomainRegistrationUserState:2".  4 and 1 are for the non federated user. 

7. So it looks like, for some reason, this user is treated as a managed user, not a federated user. I set the UPN of this user to ***.onmicrosoft.com, and rerun the SARA tool, no surprise, it succeeded. However, when I change the UPN back to ***.com, SARA tool fails again, and the value stays at 4 and 1. 

How can I fix this issue? I can't find anything similar on Internet, hopefully someone can provide me some help on this. 

Thank you in advance.