|
| 1 | +--- |
| 2 | +title: Error AADSTS700003 - Device object was not found in the tenant '{tenantName}' directory |
| 3 | +description: Provides a solution to an issue where users experience the AADSTS700003 error when they try to sign in to an Azure application that can be used with Microsoft Entra ID. |
| 4 | +ms.service: entra-id |
| 5 | +ms.date: 02/12/2025 |
| 6 | +ms.reviewer: jutakata, willfid, bachoang, joaos, modawud, v-weizhu |
| 7 | +ms.custom: sap:Issues Signing In to Applications |
| 8 | +--- |
| 9 | + |
| 10 | +# Error AADSTS700003 - Device object was not found in the tenant '{tenantName}' directory |
| 11 | + |
| 12 | +This article discusses how to resolve the "AADSTS700003" error that occurs when a user tries to sign in to an application that's integrated into Microsoft Entra ID. |
| 13 | + |
| 14 | +## Symptoms |
| 15 | + |
| 16 | +When users try to sign in to an application that's integrated into Microsoft Entra ID, they receive an "AADSTS700003" error with one of the following error messages: |
| 17 | + |
| 18 | +> Device object was not found in the tenant '{tenantName}' directory. |
| 19 | +
|
| 20 | +Or |
| 21 | + |
| 22 | +> Your organization has deleted this device. |
| 23 | +
|
| 24 | +## Cause |
| 25 | + |
| 26 | +This issues occurs because the device object is deleted on the user's home tenant. When a device is deleted, the "Delete device" activity type is recorded in [Microsoft Entra audit log](/entra/identity/monitoring-health/concept-audit-logs). In Microsoft Entra ID, there are three ways to register or join user devices: |
| 27 | + |
| 28 | +- Microsoft Entra registered |
| 29 | +- Microsoft Entra joined |
| 30 | +- Microsoft Entra hybrid joined |
| 31 | + |
| 32 | +Device registration or join creates a [device identity](/entra/identity/devices/overview). This device identity is used in scenarios such as [device-based Conditional Access policies](/entra/identity/conditional-access/concept-conditional-access-grant) and [Mobile Device Management with the Microsoft Intune](/mem/endpoint-manager-overview). When users get the AADSTS700003 error, the device object isn't found in the tenant. |
| 33 | + |
| 34 | +## Solution |
| 35 | + |
| 36 | +Engage the home tenant administrators to determine when and why your device object is deleted. Then, take the corresponding action depending on the device registration/join types, as shown in the following table: |
| 37 | + |
| 38 | +| Device join type | Action | |
| 39 | +|--|--| |
| 40 | +| Microsoft Entra registered | For Windows 10/11 Microsoft Entra registered devices, Go to **Settings** > **Accounts** > **Access Work or School**. Select your work or school account on the screen. Select **Disconnect** to disconnect the device. Then, register the device to Microsoft Entra ID again.<br/><br/>For iOS and Android, you can use the Microsoft Authenticator application **Settings** > **Device Registration** and select **Unregister device**. Then, register the device to Microsoft Entra ID again.<br/><br/>For macOS, you can use the Microsoft Intune Company Portal application to unenroll the device from management and remove any registration. Then, register the device to Microsoft Entra ID again.<br/><br/> For more information, see [Microsoft Entra register FAQ](/entra/identity/devices/faq#how-do-i-remove-a-microsoft-entra-registered-state-for-a-device-locally).| |
| 41 | +| Microsoft Entra joined | Open a PowerShell console with the administrative right on the Windows device, and run the `dsregcmd /forcerecovery` command. Select **Sign in** to sign in with your Microsoft Entra ID account. | |
| 42 | +| Microsoft Entra hybrid joined | Open a PowerShell console with the administrative right on the Windows device, and run the `dsregcmd /leave` command. Then, reboot the device and sign in to the device with your domain credential. | |
| 43 | + |
| 44 | +## More information |
| 45 | + |
| 46 | +For a full list of authentication and authorization error codes, see [Microsoft Entra authentication and authorization error codes](/azure/active-directory/develop/reference-error-codes). |
| 47 | + |
| 48 | +To investigate individual errors, go to [https://login.microsoftonline.com/error](https://login.microsoftonline.com/error). |
| 49 | + |
| 50 | +[!INCLUDE [Azure Help Support](../../../includes/azure-help-support.md)] |
0 commit comments