Share via

User Sign-in Errors

Raffaele Scotti 20 Reputation points
2025-04-02T09:08:49.4266667+00:00

Dear Sir/Madam, I'm getting a lot of calls from users who can't sign in, stating that their accounts are being blocked.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Kavya 655 Reputation points
    2025-04-03T09:01:01.23+00:00

    Frequent account lockouts could indicate potential attacks. Check the sign-in logs of affected users to identify unusual attempts, such as suspicious IP addresses, browsers, or user agents. You can use the Entra sign-in logs to view the users' sign-in history.

    To reduce disruptions for legitimate users, consider enabling Smart Account Lockout, which helps block malicious attempts while allowing genuine users to sign in.
    https://blog.admindroid.com/configure-smart-lockout-in-microsoft-entra/

    Was this answer helpful?

    0 comments
  2. Obinna Ejidike 2,870 Reputation points Volunteer Moderator
    2025-04-02T11:49:45.58+00:00

    Hi Raffaele

    Thanks for using QandA platform

    Misconfigured conditional access policies are one of the causes of administrator/user lockouts.

    To prevent this, it is always good practice to have an emergency access account (breakglass account) where conditional access, password expiry etc are not applied to the account, and to roll out any CA policies in stages.

    To resolve this issue, please contact the global administrator in your tenant and ask them to follow these steps to unblock the user's account:

    1. Sign in to the Microsoft 365 portal as a global admin.
    2. Under Users, Select Active Users.
    3. Locate the user, and then click the user's Display name to open the settings pane.
    4. At the top of the pane, select Unblock sign-in.
    5. In the Unblock sign-in screen, deselect Block this user from signing in and click Save changes

    Additionally, you can check for brute force or security measures. if many users are affected at once, consider if a security policy update or an automated system(like Azure AD conditional access or Okta) is blocking them.

    I hope this information is helpful. Please feel free to reach out if you have any further questions.

    You can mark it 'Accept Answer' and 'Upvote' if this helped you

    Regards,

    Obinna

    Was this answer helpful?

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.