On February 25, 2025, Microsoft experienced a significant disruption in its Entra ID authentication services due to a DNS configuration change. This incident highlights the critical role of DNS management in maintaining the reliability of cloud-based identity services.

Background

Entra ID, formerly known as Azure Active Directory, is Microsoft's cloud-based identity and access management service. It facilitates authentication and authorization for users accessing Microsoft services such as Microsoft 365, Azure, and other integrated applications. A key feature of Entra ID is Seamless Single Sign-On (SSO), which allows users to access cloud services without repeatedly entering credentials.

The Incident

The disruption began at 17:18 UTC on February 25, 2025, when users attempting to authenticate via Seamless SSO and Microsoft Entra Connect Sync encountered DNS resolution failures. This issue was traced back to a recent DNS change aimed at removing duplicate IPv6 CNAME records. Unfortunately, this cleanup inadvertently removed a critical domain, INLINECODE0 , essential for the authentication process. As a result, authentication requests failed, impacting access to various Azure services. (bleepingcomputer.com)

Resolution and Impact

Microsoft promptly identified the root cause and reverted the DNS change by 18:35 UTC on the same day, restoring normal authentication services. The company acknowledged the incident and committed to sharing more details in a forthcoming post-incident review. (isdown.app)

Implications for IT Management

This incident underscores the importance of meticulous DNS management in cloud environments. Even well-intentioned changes can have unintended consequences, leading to widespread service disruptions. IT administrators should implement robust monitoring and validation processes when making DNS modifications to prevent similar issues.

Related Articles

Conclusion

The disruption in Entra ID services serves as a reminder of the complexities involved in managing cloud-based identity solutions. Organizations should prioritize comprehensive testing and validation of DNS changes to ensure uninterrupted access to critical services.