This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 84%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENB%3C/text%3E%3C/svg%3E)
We have been locked out of our tenant for almost 2 weeks now due to a faulty Conditional Access policy. During this week, there have been several conversations with a number of Microsoft support technicians, none of which seemed to have an understanding of the actual issue at hand or able to resolve the issue and all ended up assigning the case to a different team. We know exactly what is wrong and how to fix it. But we need the help of the Data protection team. Since this is a high impact incident and things are moving too slow via the regular support channels, we are trying to get in touch with them through this channel. We came across similar incidents on this forum and saw that they responded quickly. Our current support case number is 2404140040001624.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 45%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi @Nick Bobak
Following up to see if the below suggestion was helpful. And, if you have any further query do let us know.
It was not as I have not gotten any response after utilizing the email recommended and I am still locked out of my accounts as the rest of my users are. It’s been 19 days. This is absurd.
IS THERE ANYBODY AT THIS $3 TRILLION ORGANIZATION THAT CARES ABOUT ITS CUSTOMERS??? ANYBODY? PLEADING FOR HELP.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
@Nick Bobak Apologies for the delayed response. As per the last update which I have got from my engineering team, we have excluded one of the Global admin accounts from the conditional access policy which caused this lockout.
This exclusion would be valid for next 24 hrs, would request you to login to your tenant at earliest, make changes to the policy so that others can login/access resources.
From next time onwards try to have emergency accounts - https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/security-emergency-access
Let me know if you have any further questions, feel free to post back.
Hello, the Data Protection team is usually stacked with several cases related to the same issue. Send an email to azcommunity@microsoft.com with the Subject Attn: Security+Identity for some extra help but bear with me, it's all up to how many cases the DP team is already dealing with.
That said, it would be a nice idea for Microsoft to strongly suggest and offer automatic break-glass/emergency account creation or ensure they won't get locked. Feel free to support ideas like this: https://feedback.azure.com/d365community/idea/42215546-8a90-ed11-a81b-000d3ae5ae95 so that the product team can consider them.
Sad to hear about that Nick Bobak. Could you reach the Community S+I team via email as suggested?
Yes i did this now a second time. No progress thus far, though i appreciate the attempted help.
This organization is useless. The epitome of having you go in circles.
To say I am desperate at this point is a severe understatement. Every time I call (which is 2-4x per day due to not being able to do much else w/o access to my Microsoft tenant), I'm brushed off and assured that the technician or engineer assigned to my case will contact me within 2-3 hours, and sure enough, never does. I'm beyond exhausted when it comes to dealing with this issue. I've spent over 30 hours on the phone with Microsoft agents with literally no sign of progress or anything being done at all, besides "further escalating" (which if I had a dollar for every time I heard that, I'd have enough money to make a Microsoft 2.0 with legit customer service).
If we weren't a professional tax firm with legal and regulatory repercussions, I would have already quit and closed down at this point. Any additional advice/assistance is greatly appreciated.