Erwin Bierens

Knowledge is Power

Your account is blocked when signing in as guest in Microsoft Teams

2023-03-01 2 min read Microsoft Teams Azure Active Directory

If you’re running into trouble trying to sign in a guest user to your Microsoft Teams team, you’re not the only one.

Today, i encountered an error that left me scratching my head. After some investigation, we were able to identify the problem and resolve it. In this blog post, I’ll share my experience and show you how i went about troubleshooting the issue. Specifically, I’ll walk you through the steps i took when a previously added guest user was unable to sign in, receiving an error message each time.

Your account is blocked

So if you’re looking for some tips on how to troubleshoot guest user sign-in issues in Teams, please keep reading!

Error message: Your account is blocked

Investigate the issue

By default MFA is enabled in our tenant, but he never setup his guest account for MFA. Assuming this the signin process already stopped before logging in.

So, we went to the Azure Portal

Opened the Azure Active Directory and searched for the guest account.

Guest User Account

Initialy the account seems fine. Guest user account enabled

The Audit logs where only filled by the actions of the Teams owner when adding the user to the team. Where normally the message is displayed: Microsoft Invitation Acceptance Portal when the user has accepted the invitation to the team, this message was not displayed in the logs.

When looking up the sign-in logs, there are some failures where the user tried to log in.

Login failure

Looking in to the details of the failure, the Failure reason was pretty specific.

User blocked due to risk on home tenant.

blocked risk on home tenant

The Solution

So, based on the steps above, we have concluded that the issue is due to an account state in their own tenant.

So we took a look at their own Azure Activie Directory in the Azure Portal. Moved to Security and under the topic reporting the Risky users item.

risky users

The specific user was listed as risky user, we have selected the user and clicked the option Dismiss user(s) risk from the top menu.

After a couple of minutes we tried to log in to Teams and the MFA account setup was displayed. After setting up the MFA, the sign-in is marked as successful.

MFA setup and login

Hopefully this blog will save you some time in the future ;-)

some extra information about Identity protection can be found here

If you have any questions or suggestions regarding this issue, please use the comments below.

comments powered by Disqus