Share via

Users does not authenticates using the same SAML method

Jesper Mogensen 0 Reputation points
2023-08-12T07:20:43.01+00:00

Hi,

I have a third party application that are installed in my own environment. It supports SSO through AAD and I’ve successfully completed the setup. Every one but 1 user can access the site with no problem.

but that 1 user get

AADSTS75011: Authentication method 'Password, X509, MultiFactor' by which the user authenticated with the service doesn't match requested authentication method 'WindowsIntegrated'. Contact the ADSelfService Plus application owner.

if the user tries to login to another computer it works just fine. So it must be the user account on that computer. But i’d like to understand how/why it does this? The only solution I have right now is to delete the user profile. But is it some GPO or something that causes this?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
24,321 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JimmySalian-2011 42,451 Reputation points
    2023-08-12T19:41:50.9833333+00:00

    Hi Jesper,

    It seems the user is already authenticated with the AAD and provided the details for auth process, however you can try to wipe out the User Account configuration if it is hybrid joined by remove disconnect option in the Work Account in the control panel.

    Deleting profile is another option but the caching credentials on the device is causing some conflict with authenticaiton process.

    https://learn.microsoft.com/en-us/troubleshoot/azure/active-directory/error-code-aadsts75011-auth-method-mismatch

    Please don't forget to upvote and Accept as answer if the reply is helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.