Home  ›  Outlook Customer Manager Getting Something Went Wrong Please Try Again

Outlook Customer Manager Getting Something Went Wrong Please Try Again

Written By Tuesday, May 17, 2022 Add Comment Edit

Azure AD authentication troubleshooting: Known problems and solutions

You may exist experiencing sign in or admission problems related to Office 365 or other applications which leverage the UW Azure Active Directory (Azure Advertising).

This page is role of the Azure Advertizing hallmark troubleshooting guide — specifically the known bug and solutions page.

This troubleshooting guide provides:

  • steps to have to assist yourself,
  • known bug and solutions, and
  • groundwork information on how the technology works

Known problems and solutions

Contents:

  • Inactive MI user business relationship
  • Corrupt or incorrect identity token or stale browser cookie
  • Duo error: Looks like something went wrong
  • Microsoft product licensing
  • Office installed previously for another user causes sign in problems
  • Unexpected Duo prompt during Windows sign in
  • User disabled registered device
  • Device registration failure due to Intune device restriction policy
  • UW Think Me doesn't work or I take to sign in to Azure AD a lot
  • UW NetID compromise
  • Conditional Access policy from some other tenant
  • Run a risk-based conditional access policy from another tenant

Inactive MI user account

NETID Active Directory and UW Azure Advertizing user accounts are subject to a lifecycle process which disables and deletes inactive accounts . You tin can check to come across if your business relationship has been disabled .

Solution: If your account has been disabled or deleted, at that place is a documented solution .

Corrupt or incorrect identity token or stale browser cookie

To reduce the number of times you have to sign in to Microsoft products an identity token, refresh token or browser cookie may exist stored on your device. In a variety of scenarios, these stored tokens can become a source of issues. Where they are stored is non well documented and will vary depending on your device platform, so the solutions here are unfortunately generic.

Solution: Delete buried credentials and browser cookies.

Deleting browser cookies:

Deleting browser cookies is highly dependent on which browser you are using, then nosotros can't give you detailed directions on that, but you should be able to easily find directions online. To avert deleting all browser cookies, you can merely delete cookies with the post-obit names:

  • account.activedirectory.windowsazure.com

Deleting cached credentials

Deleting cached credentials is also dependent on which platform your device is running:

In that location are two places to review:

  1. Windows Settings > Accounts > Electronic mail & accounts. Remove all accounts listed.
  2. Control Panel > User Accounts > Credential Manager > Windows Credentials. Remove whatsoever credential which begins with the following names:
    1. Microsoft
    2. MS.Outlook
    3. msteams
    4. OneDrive
    5. squad:

Note: When Microsoft Part was previously installed on a device for some other user it tin can get out a variety of detritus that tin can consequence in sign in issues for other users–see https://itconnect.uw.edu/wares/msinf/aad/authn/assist/bug-and-solutions/#priorOffice if that sounds more like what y'all are experiencing.

Duo error: Looks similar something went wrong

During Microsoft sign in, you may encounter this error:

This error is very generic–information technology can exist produced by something as simple equally going to the URL shown without any application generating the challenge, then it isn't terribly helpful by itself.

  1. Check whether this issue is happening only from a single device.
    1. If the issue is limited to a single device,
      1. Until this event is resolved, a workaround is to use a different device.
      2. Go to step #2.
    2. If the upshot happens on all devices, get to step #iii.
  2. Presuming this is happening from a single device, check the following:
    1. Clear all Azure AD tokens, to ensure this is non a corrupt Azure Advertizement token which needs to be manually cleared. See https://itconnect.uw.edu/wares/msinf/aad/authn/aid/problems-and-solutions/#corrupt for the steps to take for this possibility.
    2. Check to see if there'south some security software on your device which is interfering with connecting to the Duo site (us.azureauth.duosecurity.com/authority) in the fault message. Antivirus, antimalware, or a firewall could peradventure cause this.
  3. This is a trouble which will require UW-Information technology aid–contact help@uw.edu. The root cause could be one of these possibilities:
    1. In that location's some reason in the UW's Duo infrastructure why the signal for your account to initiate a Duo 2FA challenge is non resulting in that claiming when you are redirected to the Duo site.
    2. In that location's some reason in Duo's infrastructure why the signal for your account to initiate a Duo 2FA challenge is non resulting in that challenge when y'all are redirected to the Duo site.

Microsoft production licensing

You may exist trying to access a Microsoft product which requires your user business relationship to accept a license. Many Microsoft product licenses at the UW are based on your amalgamation with the UW, so loss of pupil or employee status will upshot in loss of license. If your business relationship was deleted due to inactivity (see Inactive MI user account), it may take up to one twenty-four hour period to proceeds whatsoever licensing you are eligible for.

Solutions:

  • Affiliates tin can exist provisioned Function 365 licenses.

  • Shared or Admin UW NetID can be provisioned Office 365 licenses.

  • All other scenarios require UW-Information technology help

Role installed previously for another user causes sign in issues

When Microsoft Office was previously installed on a device for another user information technology can leave a diversity of detritus that can result in sign in issues for other users. You may experience errors such every bit:

  • pottery@uw.edu can't be found in the blah-my.sharepoint.com directory.
  • Sad, another account from your organization is already signed in on this calculator.

The offset mistake strongly indicates there is buried detritus from a prior installation–Office is trying to connect to a OneDrive in some other tenant, which it should only exercise if someone from another organization has shared a document with you and y'all have initiated opening that document.

The prior Function installation detritus is usually in the form of registry keys that cache the Azure Advert tenant, username, and contour information. Removing those registry keys can resolve those type of issues simply can be challenging to notice, even for an experienced IT professional–the most reliable solution in those cases is to rebuild the device. But rebuilding your device tin exist highly impactful, so we'll attempt to provide some pointers on which registry keys might be causing the problems. Keep in mind that editing your registry can be dangerous, leading to instability and forcing you to rebuild the device .

Solutions:

  1. The 1st mistake may be resolved with a OneDrive reset.
  2. The 2nd error can be caused by a corrupt or incorrect identity token or dried browser cookie.
  3. Registry cardinal locations which may be causing these problems:
    1.  HKCU\Software\Microsoft\Part\15.0\Mutual\Identity\Identities
      1. Note: "fifteen.0" may not be the version installed on your device–adjust this number for what you discover
      2. Nether this location, select the Office account that you want to delete, and and so selectDelete. At that place may be more than ane yous demand to delete.
    2.  HKCU\Microsoft\Office\xv.0\Mutual\Identity\Profiles
      1. Notation: "15.0" may not be the version installed on your device–adjust this number for what you lot find
    3. Under this location, select the Office account that you desire to delete, and then selectDelete. At that place may be more than 1 you lot need to delete.
    4. Subsequently removing these registry keys, reboot, and see if that clears information technology upwards.
  4. Slightly more ambitious registry fundamental removals:
    1.  HKCU\Software\Microsoft\Part\xv.0\Common\Identity\
      1. NOTE: "15.0" may not be the version installed on your device–adjust this number for what you find
      2. Delete everything under this location.
    2. Reboot and effort over again.
  5. More aggressive registry key removal specific to 1st mistake:
    1. HKCU\SOFTWARE\Microsoft\OneDrive\Accounts\Business1
      1. Delete everything nether this location
    2. HKCU\SOFTWARE\SyncEngines\Providers\OneDrive\Business1
      1. Delete everything under this location
    3. HKCU\SOFTWARE\SyncEngines\Providers\OneDrive\2ad64a9b31d24a538a5189f6f0fede98
      1. Note: the "2ad64a9b31d24a538a5189f6f0fede98" guid may differ on your device, adjust as needed
      2. Delete MountPoint & UrlNamespace under this location.
    4. Reboot and try again.
  6. If none of these solutions resolved your bug, and then a device rebuild may be required. Nosotros recommend using UW Autopilot for this scenario.

Unexpected Duo prompt during Windows sign in

In rare cases, if you lot take opted into 'UW Duo for the web' yous may experience a Duo prompt during the interactive Windows sign in. In that location are two scenarios where this may occur–i that is expected and another where it is unusual.

Windows sign in generally has cypher to do with Azure AD. However, there are a couple scenarios where information technology is related:

  1. If y'all take joined your device to Azure Advertizing. In that case, your interactive Windows sign in is to Azure AD. Azure AD device join is non recommended at the UW, but in that case, a Duo prompt would exist expected as interactive Windows sign in.
  2. If your device has a client application installed which starts at Windows sign in that interacts with an Azure AD application AND that client awarding behaves poorly by deleting or disregarding existing Azure Advert tokens it has previously gotten, then a Duo prompt is a valid but disappointing result. The client application should non bear in this manner as it violates the expected beliefs of honoring the full lifetime of the Azure Advertisement token. We are aware of i known instance of this, only there may be others.
    Known instances:
    1. The Universal Shop Native Client, which accesses the Windows Store for Business (Azure AD) application. Note: this is not predictable and would appear to happen semi-randomly based on an unknown algorithm in the lawmaking of this customer application. We have no solutions for this trouble at this time.

User disabled registered device

Some Part clients require Azure AD device registration to enable sign-in. Azure Ad device registration enables a refresh token which significantly reduces the number of interactive sign ins required. Users can disable any device they accept registered, but can not re-enable devices they disable. When they disable a device, all ability to sign in to Azure Advertisement from that device is blocked. UW-It recommends that users never disable a registered device .

Users can review their registered devices via https://myworkaccount.microsoft.com/device-list to verify the device is improperly disabled and this is the source of the problem.

Solution: There is no action the user can accept to resolve this trouble. Contact UW-IT via help@uw.edu for assistance in re-enabling the registered device.

Device registration failure due to Intune device restriction policy

Annotation: Technically this is not an Azure AD authentication failure, only it is closely related, so we've included it.

If you get an error message which includes "Fault Code 80180014" along with ""Something went wrong. Your account was not set up on this device because device management could not be enabled. This device might not be able to access some resources, such every bit Wi-Fi, VPN, or electronic mail.", y'all may have run into this known problem which is described in detail at https://itconnect.uw.edu/wares/msinf/aad/device/aad-dr/#wrong.

Azure Advertizement device registration is an important element which affects the Azure Advertising hallmark experience, every bit explained equally part of this overall guide.

This error happens due to an undocumented design on Microsoft's part in combination with the UW configuration required to back up Autopilot.

To resolve this problem, contact help@uw.edu with discipline "Device registration failure due to Intune device brake policy" — we'll manually add you to the workaround solution.

UW Remember Me doesn't work with Azure Advertizing; I take to sign in to Azure AD a lot

Per https://itconnect.uw.edu/security/uw-netids/2fa/remember-me/ , "the 'remember me' option is a feature of the UW Identity Provider." Azure AD is not the UW Identity Provider, and so this feature is not expected to piece of work.

Azure Ad authentication tokens generally terminal indefinitely except in risky conditions. If you are constantly being asked to sign in, you are probable using the engineering science in a manner it isn't designed for.

Solutions:

  • A simple manner to reduce Azure Ad sign ins is to register your device with Azure AD . Annotation that merely devices with the following platforms can register: Windows 10, iOS, Android, and MacOS. Windows 7 is not supported, and should exist upgraded to Windows 10. For more groundwork info see https://itconnect.uw.edu/wares/msinf/aad/device/aad-dr/.
  • There are other possible solutions and yous may demand to contact UW-It via assistance@uw.edu for additional help

UW NetID compromise

UW NetIDs sometimes are compromised. When this happens, they are put into a special non-functional country to prevent improper use until the business relationship can be reinstated. This will prevent all authentications, Azure AD or otherwise, and all Azure AD access token issuance.

Solution: Contact UW-Information technology via help@uw.edu or by calling 206-221-5000 for help in re-enabling UW NetID.

Azure MFA Conditional Access policy from some other tenant

When you access a resource owned by another arrangement, i.e. it resides in another organization'southward Azure Ad tenant, you are subject to any Conditional Access policies they may take. Policies which may be impactful are usually security related. Azure MFA is a common additional security expectation. Every bit an example, if you bring together a Microsoft Team hosted by Microsoft, yous will be asked to register for Azure MFA via Microsoft Authenticator in order to sign in to that specific Microsoft Squad.

Solution: There is no single solution for all scenarios, and considering the policy is not owned by the UW, UW-Information technology tin can't assist you either.

If the Conditional Access policy requires Azure MFA, then you can enable Azure MFA on your account by adding Additional Verification methods.

Risk-based Conditional Access policy from some other tenant

You may receive the error message:

"Your account is blocked. We've detected suspicious activity on your account. Sorry the organization you are trying to admission restricts at-take a chance users. Please contact your UW admin." (sign in error code 530032)

When you admission a resource owned by another organization, i.east. it resides in some other organization'south Azure AD tenant, yous are subject area to any Provisional Access policies they may take. Policies which may be impactful are usually security related. Risk-based policies are a common additional security expectation. For example, if you join a Microsoft Team hosted by another arrangement, you may not be allowed to admission that specific Microsoft Team if you are considered loftier risk by Microsoft.

Your UW Azure Advertising user account can exist marked high adventure past Microsoft due to some combination of activities associated with the business relationship. What are considered risky event indicators are described at What is take a chance? Azure AD Identity Protection | Microsoft Docs, and it is usually a combination of events which results in a high chance conclusion for a user account.

The UW has no control over what policies other organizations cull to enforce on access to their services and data, so we can not remove those policies.

UW-Information technology can review the Microsoft determined risk events associated with your account and nosotros may choose to clear them if at that place is no indication of compromise or other concern. This should permit you lot to access the resources. Just the chance level could return, if in that location are further indicators.

Solution: Contact UW-IT at aid@uw.edu to go your run a risk level reviewed and possibly cleared to let access to the other system's resources.

Last reviewed Apr 28, 2022

gutierrezhavery.blogspot.com

Source: https://itconnect.uw.edu/wares/msinf/aad/authn/help/problems-and-solutions/

0 Response to "Outlook Customer Manager Getting Something Went Wrong Please Try Again"

Post a Comment

Subscribe to: Post Comments (Atom)

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel