News

Microsoft Azure Active Directory Outage Blocks Access for 2.5 Hours

Issues affecting the Azure Active Directory service blocked customers from accessing applications early on the morning of Oct. 18 for about 2.5 hours.

Microsoft attributed the problem to multifactor authentication (MFA) challenges not working. MFA is a process in which users validate their identity via another means besides a password. MFA is part of the Azure AD service, which is used for signing into various applications.

The latest Azure Status page message from Microsoft (at about 9:40 a.m. PST) suggested that the problem had been resolved. Here's that message:

Information Authentication issues with Azure MFA
Customers in North America experienced issues with completing MFA challenges from approximately 6:30 AM PST until 9:00 AM PST.

As of now, Our telemetry and customers feedback indicates the issue is mitigated.

We are closely monitoring the situation to ensure this does not recur.

Earlier, the Azure Status page had described the issue as being under investigation, where Microsoft suspected the issue was associated with "config changes, recent patches and networking issues." Here's how it was expressed:

Information Authentication issues with Azure MFA
We are aware that customers in North America are experiencing issues with completing MFA challenges. This issue started at approximately 6:30 AM PST and is ongoing.  We are aware of how critical this is to your business and security. We are actively investigating the issue as our absolute top priority and working for the fastest possible resolution.

At this point, we are investigating potential root causes including but not limited to config changes, recent patches and networking issues, but we have not isolated any root cause or mitigation yet.
We will send out update within the next 60 minutes or as events warrant.

An Azure outage map by Downdetector.com showed that an outage mostly hit the United States. The map is based on complaints, which spanned a two-hour time period. Those complaints are generalized under the Azure "cloud services" label.

[Click on image for larger view.] Heat map of Azure outage on Oct. 18 based on complaints. (Source: Downdetector.com)

Apparently, Microsoft thought the issue early on was confined to signing into the Azure Admin Center portal. However, early reports by individuals on Twitter typically stated that the problem wasn't just with using MFA to access the Azure Admin Center portal but also Office 365. One person commented that the Microsoft 365 Service Health portal "incorrectly labels the issue as related to Admin Center access." Another person said that his whole organization couldn't log in to Office 365 services.

One Twitter poster helpfully pointed to this Microsoft document that describes creating an emergency account in Azure AD, which can be used when MFA isn't working.

More details on this Azure service outage was captured by veteran Microsoft reporter Mary Jo Foley in this ZDNet article.

Organizations with paid Azure AD subscriptions have the ability to claim service-time credits (no cash compensation) for a service outage under the Azure AD service-level agreement. However, they have to be able to demonstrate that they had no alternative means of access, which seems to be true in this case. Also, the credit isn't automatic. It has to be requested.

Azure AD outages have happened before and can have wide consequences. For instance, last year Microsoft explained a broad Azure AD outage as being due to a lightning strike on a Texas datacenter.

About the Author

Kurt Mackie is senior news producer for the 1105 Enterprise Computing Group.

Featured

  • Azure Active Directory ID Protection 'Refresh' Now Available

    Microsoft's enhancements to the Azure Active Directory Identity Protection service are now said to be "generally available" (GA), or ready for commercial use, per a Wednesday announcement.

  • Microsoft Releases Windows 10 Version 1909

    Microsoft on Tuesday announced the release of Windows 10 version 1909, a new operating system product that's also known as the "Windows 10 November 2019 Update."

  • November Microsoft Security Bundle Addresses 75 Vulnerabilities

    Of that number, 13 vulnerabilities are rated "Critical" to patch, while 62 vulnerabilities are deemed "Important."

  • The Future of Office 365 Pricing

    With a raft of new Office 365 features in the pipeline, Microsoft also seems ready to change the way it bills its subscribers. Will it replicate Azure's pay-per-use model, or will it look like something else entirely?

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.