AADSTS51004 problem on Azure with Google federation

Anonymous
2023-04-14T10:44:46.8966667+00:00

I have integrated the Microsoft Office 365 app in Google Suite following the instructions. One domain works fine with SSO and user sync. On the second domain it is not possible to log on: AADSTS51004: The user account ******@my2nd.de does not exist in the xxxxxxxx directory. To sign into this application, the account must be added to the directory. The user UPN exists and the directory UUID xxxxxxx is correct. No one can log on anymore. What's wrong? Thanks for help.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

4 answers

  1. HarmeetSingh7172 4,826 Reputation points
    2023-04-14T11:30:11.3466667+00:00

    Hello Sascha Dierberg,

    Thanks for reaching out!

    As per the official documentation, AADSTS51004 error describes that the user account doesn’t exist in the directory. An application likely chose the wrong tenant to sign into, and the currently logged in user was prevented from doing so since they did not exist in your tenant. If this user should be able to log in, add them as a guest. Further information on add B2B users.

    Hope this helps.

    If the answer is helpful, please click Accept Answer and kindly upvote. If you have any further questions about this answer, please click Comment.


  2. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.



  3. O365 Buddy 111 Reputation points
    2024-04-19T00:30:16.86+00:00
    • If the users were created in the Office 365 admin console, ImmutableID should be blank. To set the ImmutableID attribute for each of these users in Office 365 to match their UPN, use the Set-MsolUser PowerShell command:

      Set-MsolUser -UserPrincipalName ******@yourdomain.com -ImmutableID ******@yourdomain.com

      You can also use Set-MsolUser to bulk update all users. You can find specific instructions in the PowerShell documentation.

    https://support.google.com/cloudidentity/answer/6363817?hl=es#zippy=%2Cpaso-configura-immutableid

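The bulk update mentioned in the answer above, as an added example that is not part of the original post or of the linked documentation: it reports every user in one domain whose ImmutableId is blank, equal to the UPN, or different, and only when run with -Apply sets the blank ones to the UPN. The script parameters and the placeholder domain my2nd.example are assumptions; the cmdlets come from the MSOnline module the answer uses.

```powershell
# Added example: audit ImmutableId for one federated domain, then optionally fix blanks.
# Assumptions: MSOnline module is installed; 'my2nd.example' is a placeholder domain.
param(
    [string]$DomainName = 'my2nd.example',  # placeholder, replace with the affected domain
    [switch]$Apply                          # without -Apply the script only reports
)

Import-Module MSOnline -ErrorAction Stop
Connect-MsolService

# Classify every user in the domain by how ImmutableId relates to the UPN.
$report = foreach ($user in Get-MsolUser -DomainName $DomainName -All) {
    # -ceq is a case-sensitive compare, so case-only differences show up as 'Differs'.
    $state = if ([string]::IsNullOrEmpty($user.ImmutableId)) {
        'Blank'
    } elseif ($user.ImmutableId -ceq $user.UserPrincipalName) {
        'MatchesUpn'
    } else {
        'Differs'
    }
    [pscustomobject]@{
        UserPrincipalName = $user.UserPrincipalName
        ImmutableId       = $user.ImmutableId
        State             = $state
    }
}

$report | Sort-Object State, UserPrincipalName | Format-Table -AutoSize

# Only blank values are written. 'Differs' rows are left for manual review,
# because overwriting an existing ImmutableId is a separate decision.
if ($Apply) {
    foreach ($row in $report | Where-Object State -eq 'Blank') {
        Set-MsolUser -UserPrincipalName $row.UserPrincipalName -ImmutableId $row.UserPrincipalName
        Write-Host "Set ImmutableId for $($row.UserPrincipalName)"
    }
} else {
    $blank = @($report | Where-Object State -eq 'Blank').Count
    Write-Host "Report only: $blank user(s) with blank ImmutableId. Re-run with -Apply to set them."
}
```

Run it once without -Apply and keep the table as a record of the state before any change.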

