<logo>

Root Cause Analysis (RCA)

Issue:

Users were unable to access their device's Outlook and other

applications due to an error message indicating that their sign-in was
successful but did not meet the criteria to access the resource.

Problem Statement:

Users are encountering an error message stating "Your sign-in was

successful but does not meet the criteria to access this resource" when
attempting to access Outlook and other applications on their devices.
This issue is preventing users from accessing essential resources required
for their work.

Analysis:

The conditional access Policy “GRANT- Trusted Location Allowed” was

blocking the users to access the resources.

Root Cause:

The root cause of the issue was determined to be the configuration of

the Conditional Access policy. “GRANT- Trusted Location Allowed”
While the intention was to evaluate the impact of the policy in "Report-
only “State. Report-only mode is designed to simulate policy evaluation
without enforcement to administrator.

The policy malfunction resulted in unexpected blocking behaviour,

preventing users from accessing resources.

Root Cause Analysis

<logo>

Root Cause Analysis

<logo>

Immediate Resolution:

After rechecking and re-enabling the policy state to Report-Only mode,

it was confirmed that it was set correctly and that no enforcement
actions were mistakenly applied. Success of the report-only state was
then ensured. Following this verification process, users were able to
regain access to their resources correctly

Additionally, steps were taken to ensure that policies are thoroughly

tested in "Report-only” state with Specified Pilot users before being
enforced in production environments. Ongoing monitoring and auditing
of Conditional Access policies were also implemented to prevent similar
issues in the future.

Next Step:

Create a Support Ticket with Microsoft to Investigate the root cause of

the report-only mode failure to Determine why the report-only mode
triggered a block and identify any specific triggers.

Conclusion:

Despite our internal efforts to recheck and re-enable the Report-Only

state of the policy, the issue has been successfully resolved. Upon
confirming the correct configuration and functionality of the Report-Only

Root Cause Analysis

<logo>

mode, users have regained access to their resources without any further
disruptions. However, to ensure a thorough understanding of the root
cause and to prevent similar incidents in the future, it is imperative to
reach out to Microsoft. Collaborating with Microsoft support will enable
us to investigate why the Report state failed initially and what triggered
the block on user access to resources. This proactive approach will help
us identify any underlying issues with the platform or configurations and
implement necessary measures to maintain seamless access for our users
going forward.

Root Cause Analysis