How to re-add deleted Azure AD 2.0 user?
Hello,
I have enabled the Azure AD 2.0 authentication module and it worked fine. Until I mistakenly deleted two users who signed up with AD.
Is there a way to get these users back again? E.g. allow them to signup with their AD account again.
Now whenever these users login using AD they get the error message:
> Authentication failed. Check your credentials and try again.
Some findings:
* In the Access Management > Users section there is no more mention of the users in question.
* I can create "regular" users, but I'd really like them to be added through the Azure AD 2.0 (again)
* I've seen the similar post How to add auth method to user if it was deleted, but that requires the user to be onboarded again.
* In the Azure AD 2.0 settings, I've played around with toggling enabling/disabling the User creation and Email auto-verification settings. To no avail.
Thanks in advance for any guidance.
Please sign in to leave a comment.
Hi!
You can create "regular" users with the same emails that are used in Azure. Make sure that emails are verified, and when users log in using their Azure credentials, YouTrack should match them with created "regular" users.
Thanks Alisa. Unfortunately, that didn't do the trick:
We've also tried changing the username of the regular user to match the email from the AD, to no avail.
Note that this does not occur when the AD user initially onboards. It's only when the AD user has been deleted that we can't onboard him/her again.
What is the current Email auto-verification setting value in the auth module settings? It should be enabled, so please re-check it.
Checked this and it was already set to [Enabled]. Played around with enabling/disabling User Creation and Email auto-verification but that results in the same error as well.
Thank you for your answer!
Just to clarify: the mentioned users try to log in to YouTrack using the Azure module, i.e., by clicking the Azure module icon on the login page, and not by writing their Azure credentials in the YouTrack login form, am I correct?
Yes, that is correct.
Mind you, the trick is it worked once. But after the AD user has been deleted this situation occurs.
Would you mind creating a support request? We need to check the logs to find the root cause of this issue, and it is better to do it in the scope of the request. Thanks!
Sure thing, moving to support request now.