question

MichaelKarolitzky-6083 avatar image
0 Votes"
MichaelKarolitzky-6083 asked MarileeTurscak-MSFT edited

Single User with MFA Issue

Using AzureAD, integrating with or on-prem AD, we have one user unable to authenticate using Azure MFA with the following error:

Access Rejected for user <username> with Azure MFA response: PhoneAppNoResponse and message: Authentication method failed

This has worked for him in the past. account is active, password is in sync.

Anyone come across this one before for a single user?

azure-active-directory
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

MarileeTurscak-MSFT avatar image
1 Vote"
MarileeTurscak-MSFT answered MarileeTurscak-MSFT edited

The "PhoneAppNoResponse" message usually means that the MFA is timing out before the user is able to complete the verification.

If you are using a VPN server, it should handle requests and duplicate requests and have at least a 60 second timeout set. This allows time for the user to finish the MFA and the NPS server send result to the VPN server (if applicable - not sure what your MFA setup looks like).


Additional things to check from the troubleshooting guide:


CAUSE

This issue can occur if one of the following conditions is true:

The phone call wasn't answered.

Your provider couldn’t send the call.

Your provider couldn't send the SMS message.

A time-out occurred because there was no response and SMS authentication failed.

The phone number wasn't set up correctly in the security verification settings.


SOLUTION

To resolve this issue, do one or more of the following:

Make sure that the phone is working correctly. If you're using a mobile phone, make sure that your mobile service is available.

Make sure that you have the correct phone number and country code listed in the security verification settings.

If you had set up other options for security verification, click Other verification options, and then try again by selecting a different option. Also, make sure that your phone numbers are correct in your user account settings.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.