Allowing AAD login from any tenant in Orchard.OpenId (otherwise without Orchard modifications logins from no AAD tenant would work)

src/Orchard.Web/Modules/Orchard.OpenId/OwinMiddlewares/AzureActiveDirectory.cs

@@ -92,9 +92,12 @@ namespace Orchard.OpenId.OwinMiddlewares {
                         return Task.FromResult(0);
                     }
                 }
-
             };
 
+            // Allowing login from all AAD tenants (so with any Microsoft ID). We'd need to list all possible AAD tenants 
+            // here otherwise.
+            openIdOptions.TokenValidationParameters.ValidateIssuer = false;
+
             if (azureWebSiteProtectionEnabled) {
                 middlewares.Add(new OwinMiddlewareRegistration {
                     Priority = "9",