login.microsoftonline.com blocked

[connorjfarrell]

Tool used (pick one):

• [ ] uBlock Origin
• [ ] Adguard for iOS
• [ ] Adguard for Android
• [ ] Adguard Browser add-on/extension
• [ ] Brave Ad Block
• [ ] PiHole
• [x] Adguard Home

What service are you trying to use?' Attempting to log into a managed gmail account w/ microsoft SSO integration (university email account).

What does not work? It appears that part of the microsoft SSO flow has DNS records referring to trafficmanager.net. Login fails at the login.microsoftonline.com step.

Which rule you believe is causing this? It appears that the rule for ||trafficmanager.net^ is causing microsoft login to fail.

AGH Logs

Details for the block:

In text form: Response details Status Blocked by CNAME or IP DNS server 149.112.112.112:53 Served from cache Elapsed 0.43 ms Response code NOERROR Rule(s) ||trafficmanager.net^ ph00ot0 blocklist Response A: 0.0.0.0 (ttl=10) Original response CNAME: login.mso.msidentity.com. (ttl=160) CNAME: ak.privatelink.msidentity.com. (ttl=160) CNAME: www.tm.ak.prd.aadg.trafficmanager.net. (ttl=160) A: 20.190.190.130 (ttl=160) A: 40.126.62.129 (ttl=160) A: 20.190.190.196 (ttl=160) A: 40.126.62.131 (ttl=160) A: 40.126.62.130 (ttl=160) A: 20.190.190.193 (ttl=160) A: 20.190.190.132 (ttl=160) A: 20.190.190.129 (ttl=160)

After manually adding an override rule for login.microsoftonline.com, login works again. Added rule: @@||login.microsoftonline.com^$important through adguard's gui.

See DNS queries, first is before adding override rule, second is after