Error: AADSTS500571 – The guest user account is disabled
This error typically happens when your named user account (used for delegated admin access) has been added to the customer tenant as a guest user — usually from SharePoint, OneDrive, or Teams sharing.
Cause: Microsoft blocks access via guest accounts if they’re disabled or conflict with delegated access roles. This affects named users much more than dedicated service accounts.
Resolution
Option 1 – Check and Remove Guest Account in Customer Tenant
- Login to the customer’s Microsoft Entra ID portal
- Navigate to Users → Guest users
- Search for the delegated admin account (e.g., your named user)
- If found, delete the guest user record from the customer tenant
Option 2 – Use a Service Account Instead of a Named User
To avoid this issue permanently, create a dedicated service account in your partner tenant for delegated admin access.
See setup guidance: 3 – Configure Microsoft 365 Partner Admin Account
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article