Jun 06 2019
We have a user who is having their account locked out, but only during business hours.
I suspect his account is set up on a device that has the old credentials but I have asked him to check his phones, tablets and home PC to no avail.
Is there a way to see what devices are attempting to login? Or to stop authentication attempts from specific devices?
Jun 07 2019
Yes, you can certainly check the Azure AD sign-in logs: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/SignIns
As well as selectively block/disable any of the devices he has, then re-enable them one by one until you find the culprit.