product icon

Troubleshooting for the Office 365 SSO App Integration

    Review errors and commands for troubleshooting the Office 365 SSO app integration.

    About this task:
    Error Description
    See all licenses
    You need your AccountSku number to be able to add users.
    Add users
    New-MsolUser -UserPrincipalName -ImmutableId -FirstName -LastName -DisplayName -LicenseAssignment -usageLocation
    The immutable id is a unique user identifier on Office 365. Make sure Immutable id is reflected in the user's info on LastPass portal, as the user's ID. The user principal name is the IDPEmail. Both these values must match with the Office 365 configuration for single sign-on to be successful.
    Delete users
    Remove-MsolUser -UserPrincipalName <User's email>
    The above command moves the user to the Office 365 recycle bin. To create a user with the same name, make sure to remove the user from the recycle bin.
    Retrieve a deleted user
    Get-MsolUser -ReturnDeletedUsers -SearchString <User's email> | select UserPrincipalName, ObjectId
    Remove a deleted user from the recycle bin
    Remove-MsolUser -RemoveFromRecycleBin –ObjectId
    Login error Some users might experience the following sign-in issue, due to a known bug on Office 365:

    "Sorry, but we're having trouble signing you in. Please try again in a few minutes. If this doesn't work, you might want to contact your admin and report the following error: <error#>."

    The solution is to restart your browser and try to log in again.

    Alternatively, LastPass MFA can be used for secure login to Office 365/Azure AD SSO while maintaining Azure AD as the primary Identity Provider. For more info, visit How do I configure my Azure AD account to use LastPass MFA for authentication?