This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
A user in our domain is invited to the SharePoint of another organisation. But when trying to log in, they get the message "Your account is locked" and "We have discovered suspicious activity on your account." Furthermore; "Contact NAME OF USER'S ORG administrator".
This usually happens when users have Risky sign ins, and in those cases, it is easily solved by dismissing user risk, which sets the risk level from high/medium to low.
However, this user has no risky sign ins. That means I can't find the user's risk level or dismiss anything.
Is there a way to dismiss user risk outside of the Risky sign in list? Or am I looking in the wrong place? Are there other factors affecting the user risk? The user is able to log in to our own systems as normal.
You are saying that they are accessing SharePoint in another organisation, therefore it is likely their Guest account in that organisation is locked out, preventing them access. When you are invited to another Azure AD tenant, a guest account is created in that tenant associated with the original account.
The user in this case has contacted IT support of the external org, and they claimed the error to be on our side.
This makes sense because the error message, as I stated above, says to contact our organisation's administrator (Me), not the other organisation.
Hi @In_Rainbows
You could check that whether you have set some security policies in your organization: If there are any rules restrict this behavior
Hi @In_Rainbows
Is this answer helpful for you? Please feel free to reply.
Hi @In_Rainbows
Would you please provide some update of this issue? Please feel free to reply.
Well, the user can't get in, and I can't see why.
Still looking for an answer on my question: Is there a way to dismiss user risk outside of the Risky sign in list?
A new update. User tried resetting pasword, but still same error.
Looking at sign-in activity I find these details:
User gets Sign-in error code: 530032
Failure reason: User blocked due to risk on home tenant.
Additional details: If this user is risky in your tenant, learn more here: aka.ms/unblockrisk. If this is a guest user, learn more here: aka.ms/riskyguestuser.
Azure then suggests running diagnostic, which leads me to this:
Which links to: https://learn.microsoft.com/nb-no/azure/active-directory/identity-protection/howto-identity-protection-investigate-risk
However, she is nowhere to be found in the Security center. Not under Risky users, Risky sign-ins or Risk detections.
Sign in to comment