Single User with aadsts80002 error

Question

Greetings,

i have a Problem with a single User wich I've created on Friday. The User was created on-premis and was synchronized to AAD, after our ruling took over, he had his licences and Groups. I could login via webbrowser and with Outlook and teams. Yesterday (Monday) the user couldn't login with outlook and teams anymore. Wih the error aadsts80002, so i googled a bit checked the sync tools. no error no Problems there. Checked Passwort Sync no Problem. So i deleted the user, resynced everything and started from scratch. Same Problem..... User can use Webbtools, can login and create MFA, but the local App don't login. I've tried another PC same issue and no other User has this Problem. I'm a little bit confused.

Did sombody had the same issue?

Thx for the help

Christian

Answer 1

@Christian Kuhr , are the trace logs at %ProgramData%\Microsoft\Azure AD Connect Authentication Agent\Trace providing any information? I would check here if you haven't already.

You could also try with PowerShell to test the Pass-through Authentication agent:

   Import-Module "C:\Program Files\Microsoft Azure AD Connect Authentication Agent\Modules\PassthroughAuthPSModule\PassthroughAuthPSModule.psd1"
Invoke-PassthroughAuthOnPremLogonTroubleshooter

Enter the same username and password that are used to sign in to https://login.microsoftonline.com.

You said you recreated the user account, but try checking the UserPrincipalName (UPN). Make sure that the user's on-premises UPN matches the user's cloud UPN. A mismatch can cause sign-in issues.

Please let me know your results and I can help you further.

Best,

James