This guide will show an administrator how to view details on why a specified user is experiencing sign-in failures.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Compliance
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
User Account Failed Login Reporting
- Navigate to the Sign-In logs – Azure Active Directory portal, locate and select Add Filters. Specify Status as the search criteria and select Apply to finalize the filter selection.
- Once the selections above have been specified a new Status bubble should generate, we will want to select the bubble and specify Failure as the search criteria. Select Apply to return failed sign-in attempts captured by the portal.
- If you know of a specified user that is experiencing login issues and want to only view their specific failed login attempts. Select Add Filters, specifying Username as the search criteria and select Apply to finalize the filter selection.
- A new Username bubble should generate, we will want to select the bubble and provide the known Username associated with the User as the search criteria. Select Apply to return failed sign-in attempts for the specified User.
- All failed login attempts will be generated; clicking on a returned entry will generate a report which will provide details on why access was denied. Exploring the Failure Reason can aid in exploring possible policies that could be impacting user access.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.