SOLVED

User invited as guest to another Teams org sign-in blocked

Copper Contributor

Hi,

 

We have some users in our organization (Office 365) who have been invited as guests to Teams, by a number of different external organisations.  However, upon our user's attempting to login, they receive the O365 popup message: "Sign in was Blocked. We've Detected something unusual about this sign-in." 

signinblockedteams.png

 

Note: Our users have MFA enabled in O365 and we are using modern authorization (with no app passwords).  

 

While I am inclined to think this would be related to something on the other organisation's side since they invited, I want to be sure first.  Also, this sign-in blocked message only seems to appear when they attempt to login to Teams from external organizations and not ever if they simply login to their OWA or Outlook or any other O365 resource. 

Our Teams org settings are basically wide open and not blocking or restricting anything related to guest invitations or external domains. 

 

Thanks in advance for any help you can offer. 

 

11 Replies

Hi @macolo - you're not alone - lots of people talking about this on Twitter this morning, too. I think there's a bug...

@Kelly_Edinger  Thank you for replying - I was not aware of wider issue. 

 

Hopefully this gets resolved or someone out there knows a bit more about the underlying issues.  Still facing this error for multiple users unfortunately. 

best response confirmed by VI_Migration (Silver Contributor)
Solution

@macolo 

If you're getting a message about your account being blocked because it's been flagged as being risky you need to contact your home tenants admin and have them remove the "Risky user" using the Azure Portal: Azure Portal -> Azure Active Directory -> Security -> Risky Users.  Then select the user and press “Dismiss all events”. 

Microsoft recently enabled a policy that blocks all risky users from logging in. 

 

Hope this helps

@macolo 

Did you get any resolution on this?  we have the same problem

@Trey34 did you try my solution??

@Paul_Keijzers thanks this worked a treat !

This worked for me! Thanks!

@Paul_Keijzers 

 

I am getting the same error message.  Here is the scenario.

 

My domain is tenica-gs.com.  I was invited as a guest to a Microsoft Corporate Team.

 

My question is, based on your previous response, do I have to do something in tenica-gs.com AD or does Microsoft have to do something in their AD?

 

Thanks,

Wesley

 

@Paul_Keijzers this appears to only be available to Azure P2 users. Our organization can't afford Premium Azure ($9/mo per user added) just to be able to click one setting.

There needs to be another way.

Still works today! Thanks for this!
we are running E3 and it is working. You might neet to setup azure AD under your account. What level office 365 are you running?
1 best response

Accepted Solutions
best response confirmed by VI_Migration (Silver Contributor)
Solution

@macolo 

If you're getting a message about your account being blocked because it's been flagged as being risky you need to contact your home tenants admin and have them remove the "Risky user" using the Azure Portal: Azure Portal -> Azure Active Directory -> Security -> Risky Users.  Then select the user and press “Dismiss all events”. 

Microsoft recently enabled a policy that blocks all risky users from logging in. 

 

Hope this helps

View solution in original post