:az login" failed in WSL ubuntu with AADSTS50076

Chen, Liyong 0 Reputation points
2023-07-07T15:52:20.7166667+00:00

az version 2.49.0

I tried to run "az login" at WSL-ubuntu (in VS code), it shows

AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '797f4846-ba00-4fd7-ba43-dac1f8f63013'.

Trace ID: 8bfd7789-e99c-4404-934a-98665bd9ab00

Correlation ID: b4f0ff95-94a3-4ae7-b6a5-8761c2e7e232

Timestamp: 2023-07-07 15:47:53Z

Interactive authentication is needed.

If I run it in git-bash, "az login" can run successfully with a list of azure account.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,878 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 37,056 Reputation points Microsoft Employee
    2023-07-10T23:49:23.79+00:00

    Hi @Chen, Liyong ,

    It sounds like the user could be getting flagged as logging in from two different locations. Azure might be identifying the login as being risky and flagging it.

    If you check the Azure AD sign-in logs you should be able to find the IP that triggers the conditional access rule and verify if it's showing up as a separate location. If it is, you can add that IP as a trusted IP in your conditional access policy.

    https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/SignIns

    https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition

    If this does not work, feel free to send me an email at AzCommunity@microsoft.com ("Attn: Marilee Turscak") and include your subscription ID and a link to this thread, and we can further investigate and open a support ticket if required.

    If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar questions.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.