cancel
Showing results for 
Search instead for 
Did you mean: 

Problem login PulseSecure with multiple MS accounts

Highlighted
New Contributor

Problem login PulseSecure with multiple MS accounts

Hi all.

 

I have Pulse VPN to connect to client network.

 

The problem is when i try connect to PulseSecure. i have 3 MS account in my PC, Personal account, bussiness account and clients business account, so i try connect appears this message:

 

AADSTS90072: User account 'account@business.net' from identity provider 'https://sts.windows.net/7ab75e1f-9dc3-409f-be1f-863f3de3ad9f/' does not exist in tenant 'Client bussiness' and cannot access the application 'https://vpn.ClientBusiness.com/***' in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account
 
I have a workarround solution, but It is not the idea, since I have to do it every time when I try to connect. The workarround is close all sessions, from webpage, of mi MS business account.
 
 
Any solution?

 

3 REPLIES 3
Highlighted
Moderator

Re: Problem login PulseSecure with multiple MS accounts

From my understanding, this was caused due to your business account session did not get logged-out completely prior connecting to your VPN server, which requires you to login with your client-business account.

 

The workaround which you're pointing out is the actual solution for this. Ideally, when you've logged-in to MS cloud resource (Azure, Office365, etc) with account-1, then either you should log-out or there should be session control enabled on the cloud resource to identify and delete you idle session to avoid this situation, because what happens is when you connect to VPN which redirect you back to same authentication server (I believe it'd be login.microsoftonline.com) as part of the SAML authentication, would make the browser to resume the session by sending your Account-1 cookie to the authentication server, if you're session is active; then you get redirected to the cloud resource and face authorization based error messages.

 

Now, think about the other scenario... VPN redirects to authetication server, browser sends the cookie of Account-1, auth.server would ask you to login again as the cookie is not valid anymore after account-1 log-out, and you can login with Account-2.. Voila!

PCS Expert
Pulse Connect Secure Certified Expert
Highlighted
New Contributor

Re: Problem login PulseSecure with multiple MS accounts

Another workarround is register my Business-client in Outlook, i not know why, now PulseSecure show me wich one account i want connect...

So, for my,. its ok...

 

https://vvcap.com/img/mjkcYqHNh.png 

Highlighted
Moderator

Re: Problem login PulseSecure with multiple MS accounts

@Pezhan Oh... I'm not aware of this workaround. Anyway, I'm happy as long as it works for you.

PCS Expert
Pulse Connect Secure Certified Expert