Troubleshooting for the Office 365 SSO App Integration

Review errors and commands for troubleshooting the Office 365 SSO app integration.

About this task:

Error	Description
See all licenses	`Get-MsolAccountSku` You need your AccountSku number to be able to add users.
Add users	`New-MsolUser -UserPrincipalName -ImmutableId -FirstName -LastName -DisplayName -LicenseAssignment -usageLocation` The immutable id is a unique user identifier on Office 365. Make sure Immutable id is reflected in the user's info on LastPass portal, as the user's ID. The user principal name is the IDPEmail. Both these values must match with the Office 365 configuration for single sign-on to be successful.
Delete users	`Remove-MsolUser -UserPrincipalName <User's email>` The above command moves the user to the Office 365 recycle bin. To create a user with the same name, make sure to remove the user from the recycle bin.
Retrieve a deleted user	`Get-MsolUser -ReturnDeletedUsers -SearchString <User's email> \| select UserPrincipalName, ObjectId`
Remove a deleted user from the recycle bin	`Remove-MsolUser -RemoveFromRecycleBin –ObjectId`
Login error	Some users might experience the following sign-in issue, due to a known bug on Office 365: "Sorry, but we're having trouble signing you in. Please try again in a few minutes. If this doesn't work, you might want to contact your admin and report the following error: <error#>." The solution is to restart your browser and try to log in again.

Alternatively, LastPass MFA can be used for secure login to Office 365/Azure AD SSO while maintaining Azure AD as the primary Identity Provider. For more info, visit How do I configure my Azure AD account to use LastPass MFA for authentication?