"Sorry, but we're having trouble signing you in" and "8004789A" error when a federated user sign in to Microsoft 365, Azure, or Intune
Problem
Consider the following scenario. You update the relying party trust with Microsoft Entra ID in Active Directory Federation Services (AD FS) 2.0 by using the procedures that are described in one of the following resources:
- Limiting Access to Microsoft 365 Services Based on the Location of the Client
- "Federation service identifier specified in the AD FS 2.0 server is already in use." error when you try to set up another federated domain in Microsoft 365, Azure, or Intune
However, after you do this, authentication fails for federated users when they try to sign in to a Microsoft cloud service such as Microsoft 365, Azure, or Microsoft Intune from a sign-in webpage whose URL starts with https://login.microsoftonline.com/login. After the user clicks Sign in at <DomainName> on the webpage, the user gets the following error message:
Sorry, but we're having trouble signing you in
Please try again in a few minutes. If this doesn't work, you might want to contact your admin and report the following error:
8004789A
Solution
To resolve this issue, install Update Rollup 1 for AD FS 2.0 on all AD FS 2.0 Federation Service farm nodes. For more info about how to download and install Update Rollup 1 for AD FS 2.0, see Description of Update Rollup 1 for Active Directory Federation Services (AD FS) 2.0.
Note
This update requires a restart of the computer.
More information
To use multiple top level domains or client access policies, you must install Update Rollup 1 for Active Directory Federation Services (AD FS) 2.0.
Still need help? Go to Microsoft Community or the Microsoft Entra Forums website.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for