Thousands of sign-in errors in Entra ID

adv_kd 125 Reputation points
2024-04-16T08:14:42.24+00:00

Hello,

I have problem with sign ins into Windows Sign In. Infra:

  • local AD synced into Entra ID
  • Windows 10/11 hybrid joined devices
  • only GPO managed, we don't have Intune yet

Problem is that I see THOUSANDS of failed sign ins into Windows.

1

Almost 50% of all sign ins into Windows are failures...OnlyWindowsSignins

Basically 90% of all my failures are about of those errors "Device auth failed for this user":

Failed_signins

Deep dive into one of affected user's sign ins:

User_signin

User_signin_failed

And successful sign in for the same user:User_signin_success

Funfact is that I'm not hearing of anyone having any issues related to this though. Any ideas why it is going like that?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,421 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Domooney-MSFT 2,596 Reputation points Microsoft Employee
    2024-04-16T08:22:24.4366667+00:00

    Hi adv_kd,

    Thank you for posting your query on Microsoft Q&A!

    The most likely cause of these errors is a problem with your hybrid join config.

    If you can get onto one of the devices throwing the error, run this command in cmd "dsregcmd /status"

    We have a guide here on using this to diagnose these issues - https://learn.microsoft.com/en-us/entra/identity/devices/troubleshoot-hybrid-join-windows-current#troubleshoot-join-failures

    It can also happen if the hybrid join failed, or if the domain is federated and the federation is not configured for Windows login.

    Do let me know what the command shows up and if you have any further queries.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    Kind Regards,

    Donal


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.