![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 73%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EKY%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
When configuring remote tenant user synchronization in Azure, there are several potential issues that could affect the Single Sign-On (SSO) functionality. Here are some considerations:
- Consent Settings: If the outbound cross-tenant access policy for automatic user consent is not enabled in the source tenant, users may encounter issues when trying to sign in via SSO. Ensure that both the source and target tenants have the appropriate consent settings configured.
- Automatic Redemption: If automatic redemption is not set up correctly in either the source or target tenant, it can lead to failures in the SSO process. Make sure that the automatic redemption settings are properly configured in both tenants.
- User Provisioning: If users are skipped during provisioning due to settings like SMS sign-in being enabled, it can prevent those users from accessing services that rely on SSO. Ensure that such settings are reviewed and adjusted as necessary.
- Tenant Configuration: Ensure that the cross-tenant synchronization settings are correctly configured, including checking the necessary boxes for synchronization across Microsoft clouds.
In summary, while remote tenant user synchronization can work with SSO, it is crucial to ensure that all related settings and policies are properly configured to avoid any issues.
References: