Microsoft fixes Entra ID authentication issue caused by DNS change

Microsoft has fixed an issue that caused Entra ID DNS authentication failures when using the company's Seamless SSO and Microsoft Entra Connect Sync.

In an update to its Azure status page, Microsoft says these problems were caused by a recent DNS change that triggered DNS resolution failures for the autologon.microsoftazuread.sso.com domain when customers tried to access Azure services between 17:18 UTC and 18:35 UTC on February 25,  2025.

"What do we know so far? As part of a cleanup effort to remove duplicate IPv6 CNAMEs, a change was introduced which removed a domain utilized in the authentication process for Microsoft Entra ID's seamless single sign-on feature. Once removed the domain could no longer be resolved and requests for authentication would fail," the company explained.

"These issues were caused by a recent DNS change, which has now been reverted, and the service is fully recovered. At this time, customers should no longer encounter DNS resolution failures."

While Microsoft has yet to share more information on what regions and Aure services were affected by these authentication failures impacting Entra ID (formerly Azure Active Directory), Redmond says the Azure status page is only used to track "widespread incidents."

While the company also promised to share more details over the next 60 minutes, it immediately removed the incident report after updating the status page.

More DNS incidents and recent outages

This isn't the first time Microsoft has had to address outages and incidents caused by DNS issues. In August 2023, the company fixed a misconfigured DNS SPF record that caused Hotmail email delivery to fail worldwide. Two years earlier, in April 2021, a code defect triggered a global outage that impacted many Microsoft services because of overloaded Azure DNS servers.

Last month, Microsoft also reverted a networking configuration change that caused connectivity issues, prolonged timeouts, connection drops, and resource allocation failures across multiple Azure services for East US 2 customers between January 8 and January 10.

Azure services that were impacted included Azure Databricks, Azure OpenAI, Azure App Service, Azure Container Apps, Azure SQL Database, Azure DevOps, Azure NetApp Files, Azure Stream Analytics, and more.

A Microsoft 365 outage in late January also prevented admins from accessing the Microsoft 365 admin center, while a Multi-Factor Authentication (MFA) outage two weeks earlier blocked customers from accessing Microsoft 365 Office apps.