Apr 16 2020 02:40 AM - last edited on Jan 14 2022 04:32 PM by TechCommunityAP
We were unable to set SSO in the Azure AD connect configuration for a brand new tenant.
An error appeared: Cannot retrieve single sign-on status.
The trace log shows:
Authenticate-ADAL: user name or password is invalid [invalid_grant] - AADSTS50126: Error validating credentials due to invalid username or password.
After disabling the security defaults (which enforce MFA on global admins) in the Azure tenant, the error disappeared and we could enable SSO.
I assume re-enabling the security defaults will not impact the SSO setting?
Apr 16 2020 11:43 AM
@bart vermeersch, it will not cause any issue, as enabling SSO creates a computer object, which is used for SSO.
Click on the below-mentioned link and start from the 32:00 minute mark,
Apr 17 2020 02:15 PM
Spent a week off and on googling everything and no mention anywhere of this solution. Disabled 2FA and bingo, it works first go. I was tearing the firewall apart, running health check PowerShell scripts trying to find the problem. I wish they would mention this in the setup as even an "oh by the way". Thanks for posting this, I can finally finish this deployment.