Account disabled

Amar Patel [MSFT] 0 Reputation points Microsoft Employee
2023-09-19T16:45:21.4+00:00

I have a customer account on AAD that is in a "disabled" state, and I can't figure out how to reenable, or how to find someone with permission to do it. I routinely add customers, and this is the first time one has ended up in a disabled state that I can't fix.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,266 questions
{count} votes

2 answers

Sort by: Most helpful
  1. anza 836 Reputation points
    2023-09-19T18:20:06.31+00:00

    it depends if the account is synchronized from on-premises or not

    or use powershell (AzureAD module)
    'Set-AzureADUser -ObjectID fabricec@litwareinc.com -AccountEnabled $true'
    https://learn.microsoft.com/en-us/microsoft-365/enterprise/block-user-accounts-with-microsoft-365-powershell#block-access-to-individual-user-accounts

    if you use risk based policies you additionaly need to first remediate the risk that blocked the user sign-in

    https://learn.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-remediate-unblock

    regards

    0 comments No comments

  2. Dillon Silzer 57,231 Reputation points
    2023-09-19T18:28:05.0833333+00:00

    You can try using Graph API:

    https://learn.microsoft.com/en-us/graph/api/user-update?view=graph-rest-1.0&tabs=http

    Import-Module Microsoft.Graph.Users
    $userId = "name@domain.com"
    
    $params = @{
    	accountEnabled = true
    }
    
    # A UPN can also be used as -UserId.
    Update-MgUser -UserId $userId -BodyParameter $params
    

    If this is helpful please accept answer.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.