Merge pull request #250278 from omondiatieno/other-problem

v-ccolin · web-flow · commit d98cd1ef2580 · 2023-09-05T16:34:54.000+01:00
Other sign in problem - update UI steps
diff --git a/articles/active-directory/manage-apps/application-sign-in-other-problem-access-panel.md b/articles/active-directory/manage-apps/application-sign-in-other-problem-access-panel.md
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-mgmt
 ms.workload: identity
 ms.topic: troubleshooting
-ms.date: 02/01/2022
+ms.date: 09/05/2023
 ms.author: jomondi
 ms.reviewer: lenalepa
 ms.custom: contperf-fy21q2, enterprise-apps
@@ -44,8 +44,8 @@ Here are some things to check if an app is appearing or not appearing:
 - Make sure the user’s account is **enabled** for sign-ins.
 - Make sure the user’s account is **not locked out.**
 - Make sure the user’s **password is not expired or forgotten.**
-- Make sure **Multi-Factor Authentication** is not blocking user access.
-- Make sure a **Conditional Access policy** or **Identity Protection** policy is not blocking user access.
+- Make sure **Multi-Factor Authentication** isn't blocking user access.
+- Make sure a **Conditional Access policy** or **Identity Protection** policy isn't blocking user access.
 - Make sure that a user’s **authentication contact info** is up to date to allow Multi-Factor Authentication or Conditional Access policies to be enforced.
 - Make sure to also try clearing your browser’s cookies and trying to sign in again.
 
@@ -70,41 +70,32 @@ Access to My Apps can be blocked due to a problem with the user’s account. Fol
 
 To check if a user’s account is present, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Users and groups** in the navigation menu.
-5. Select **All users**.
-6. **Search** for the user you are interested in and **select the row** to select.
-7. Check the properties of the user object to be sure that they look as you expect and no data is missing.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [User Administrator](../roles/permissions-reference.md#user-administrator). 
+1. Browse to **Identity** > **Users** > **All users** >
+1. Search for the user you're interested in and **select the row** to view the details of the user.
+1. Check the properties of the user object to be sure that they look as you expect and no data is missing.
 
 ### Check a user’s account status
 
 To check a user’s account status, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Users and groups** in the navigation menu.
-5. Select **All users**.
-6. **Search** for the user you are interested in and **select the row** to select.
-7. Select **Profile**.
-8. Under **Settings** ensure that **Block sign in** is set to **No**.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [User Administrator](../roles/permissions-reference.md#user-administrator). 
+1. Browse to **Identity** > **Users** > **All users** >
+1. **Search** for the user you're interested in and **select the row** to select.
+1. Select **Profile**.
+1. Under **Settings** ensure that **Block sign in** is set to **No**.
 
 ### Reset a user’s password
 
 To reset a user’s password, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Users and groups** in the navigation menu.
-5. Select **All users**.
-6. **Search** for the user you are interested in and **select the row** to select.
-7. Select the **Reset password** button at the top of the user pane.
-8. Select the **Reset password** button on the **Reset password** pane that appears.
-9. Copy the **temporary password** or **enter a new password** for the user.
-10. Communicate this new password to the user, they be required to change this password during their next sign-in to Azure Active Directory.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [User Administrator](../roles/permissions-reference.md#user-administrator). 
+1. Browse to **Identity** > **Users** > **All users** >
+1. **Search** for the user you're interested in and **select the row** to select.
+1. Select the **Reset password** button at the top of the user pane.
+1. Select the **Reset password** button on the **Reset password** pane that appears.
+1. Copy the **temporary password** or **enter a new password** for the user.
+1. Communicate this new password to the user, they be required to change this password during their next sign-in to Azure Active Directory.
 
 ### Enable self-service password reset
 
@@ -117,84 +108,68 @@ To enable self-service password reset, follow these deployment steps:
 
 To check a user’s multi-factor authentication status, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Users and groups** in the navigation menu.
-5. Select **All users**.
-6. Select the **Multi-Factor Authentication** button at the top of the pane.
-7. Once the **Multi-Factor Authentication Administration Portal** loads, ensure you are on the **Users** tab.
-8. Find the user in the list of users by searching, filtering, or sorting.
-9. Select the user from the list of users and **Enable**, **Disable**, or **Enforce** multi-factor authentication as desired.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [User Administrator](../roles/permissions-reference.md#user-administrator). 
+1. Browse to **Identity** > **Users** > **All users** >
+1. Select the **Per-user MFA** button at the top of the pane.
+1. Once the **Multi-Factor Authentication** administration portal loads, ensure you are on the **Users** tab.
+1. Find the user in the list of users by searching, filtering, or sorting.
+1. Select the user from the list of users and **Enable**, **Disable**, or **Enforce** multi-factor authentication as desired.
    >[!NOTE]
    >If a user is in an **Enforced** state, you may set them to **Disabled** temporarily to let them back into their account. Once they are back in, you can then change their state to **Enabled** again to require them to re-register their contact information during their next sign-in. Alternatively, you can follow the steps in the [Check a user’s authentication contact info](#check-a-users-authentication-contact-info) to verify or set this data for them.
 
 ### Check a user’s authentication contact info
 
 To check a user’s authentication contact info used for Multi-factor authentication, Conditional Access, Identity Protection, and Password Reset, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Users and groups** in the navigation menu.
-5. Select **All users**.
-6. **Search** for the user you are interested in and **select the row** to select.
-7. Select **Profile**.
-8. Scroll down to **Authentication contact info**.
-9. **Review** the data registered for the user and update as needed.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [User Administrator](../roles/permissions-reference.md#user-administrator). 
+1. Browse to **Identity** > **Users** > **All users** >
+1. **Search** for the user you're interested in and **select the row** to select.
+1. Select **Authentication method** under **Manage**.
+1. **Review** the data registered for the user and update as needed.
 
 ### Check a user’s group memberships
 
 To check a user’s group memberships, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Users and groups** in the navigation menu.
-5. Select **All users**.
-6. **Search** for the user you are interested in and **select the row** to select.
-7. Select **Groups** to see which groups the user is a member of.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [User Administrator](../roles/permissions-reference.md#user-administrator). 
+1. Browse to **Identity** > **Users** > **All users** >
+1. **Search** for the user you're interested in and **select the row** to select.
+1. Select **Groups** to see which groups the user is a member of.
 
 ### Check if a user has more than 999 app role assignments
 
 If a user has more than 999 app role assignments, then they may not see all of their apps on My Apps.
 
-This is because My Apps currently reads up to 999 app role assignments to determine the apps to which users are assigned. If a user is assigned to more than 999 apps, it is not possible to control which of those apps will show in the My Apps portal.
+This is because My Apps currently reads up to 999 app role assignments to determine the apps to which users are assigned. If a user is assigned to more than 999 apps, it isn't possible to control which of those apps show in the My Apps portal.
 
 To check if a user has more than 999 app role assignments, follow these steps:
 
 1. Install the [**Microsoft.Graph**](https://github.com/microsoftgraph/msgraph-sdk-powershell) PowerShell module.
-2. Run `Connect-MgGraph -Scopes "User.ReadBasic.All Application.Read.All"`.
-3. Run `(Get-MgUserAppRoleAssignment -UserId "<user-id>" -PageSize 999).Count` to determine the number of app role assignments the user currently has granted.
-4. If the result is 999, the user likely has more than 999 app roles assignments.
+2. Run `Connect-MgGraph -Scopes "User.ReadBasic.All Application.Read.All"`and sign in as at least a [User Administrator](../roles/permissions-reference.md#user-administrator)..
+1. Run `(Get-MgUserAppRoleAssignment -UserId "<user-id>" -PageSize 999).Count` to determine the number of app role assignments the user currently has granted.
+1. If the result is 999, the user likely has more than 999 app roles assignments.
 
 ### Check a user’s assigned licenses
 
 To check a user’s assigned licenses, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Users and groups** in the navigation menu.
-5. Select **All users**.
-6. **Search** for the user you are interested in and **select the row** to select.
-7. Select **Licenses** to see which licenses the user currently has assigned.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [User Administrator](../roles/permissions-reference.md#user-administrator). 
+1. Browse to **Identity** > **Users** > **All users** >
+1. **Search** for the user you're interested in and **select the row** to select.
+1. Select **Licenses** to see which licenses the user currently has assigned.
 
 ### Assign a user a license
 
 To assign a license to a user, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Users and groups** in the navigation menu.
-5. Select **All users**.
-6. **Search** for the user you are interested in and **select the row** to select.
-7. Select **Licenses** to see which licenses the user currently has assigned.
-8. Select the **Assign** button.
-9. Select **one or more products** from the list of available products.
-10. **Optional** select the **assignment options** item to granularly assign products. Select **Ok**.
-11. Select the **Assign** button to assign these licenses to this user.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [User Administrator](../roles/permissions-reference.md#user-administrator). 
+1. Browse to **Identity** > **Users** > **All users** >
+1. **Search** for the user you're interested in and **select the row** to select.
+1. Select **Licenses** to see which licenses the user currently has assigned.
+1. Select the **Assignments** button.
+1. Select one or more licenses from the list of available products.
+1. Optional: Select **Review license options** to granularly assign products.
+1. Select **Save**.
 
 ## Troubleshooting deep links
 
@@ -204,14 +179,10 @@ Deep links or User access URLs are links your users may use to access their pass
 
 To check if you have the correct deep link, follow these steps:
 
-1. Open the [**Azure portal**](https://portal.azure.com/) and sign in as a **Global Administrator** or **Co-admin.**
-2. Open the **Azure Active Directory Extension** by selecting **All services** at the top of the main left-hand navigation menu.
-3. Type in **“Azure Active Directory**” in the filter search box and select the **Azure Active Directory** item.
-4. Select **Enterprise Applications** from the Azure Active Directory left-hand navigation menu.
-5. Select **All Applications** to view a list of all your applications.
-   - If you do not see the application you want show up here, use the **Filter** control at the top of the **All Applications List** and set the **Show** option to **All Applications.**
-6. Select the application you want the check the deep link for.
-7. Find the label **User Access URL**. Your deep link should match this URL.
+1. Sign in to the [Microsoft Entra admin center](https://entra.microsoft.com) as at least a [Cloud Application Administrator](../roles/permissions-reference.md#cloud-application-administrator). 
+1. Browse to **Identity** > **Applications** > **Enterprise applications** > **All applications**.
+1. Enter the name of the existing application in the search box, and then select the application from the search results.
+1. Find the label **User Access URL**. Your deep link should match this URL.
 
 ## Contact support
 
