com.jamf.aad.errors code=1

mucgyver-old
New Contributor III

This error shows up in JSS log while trying to register device with Microsoft Company Portal (which installation worked fine). The device shows up fine in intune portal nevertheless. Anyone ever crosses that error message and knows how to remediate this? Thanks.

Best regards
Christian

12 REPLIES 12

patrickj
New Contributor III

I'm also having this issue with two devices. They throw this error but they still show up in Intune. Throws Unknown Error under the macOS Intune Integration Logs. If I review the policy logs for registration it also shows {com.jamf.aad.errors code=1}. The system(s) are user approved MDM. They were checking in and running policies correctly.

405c17d3f8c5402d8dc55a32229e79f2

62582d9f6ca84c53b56fdcde51434241

hdsreid
Contributor III

i just had this pop up for a user and this is a new one...

@patrickj or @cbednarzwd did either of you get this working?

patrickj
New Contributor III

Not yet. I have a ticket open with Jamf. I’m trying to reproduce again and get a sysdiagnose to upload for troubleshooting purposes.

hdsreid
Contributor III

@patrickj thanks...i'm gonna need to open a ticket when i get in tomorrow morning and I will reference this thread. i was reading up on using sysdiagnose to capture the AAD logs; fortunately the one user that has this issue (so far knock on wood) is in IT, so it shouldn't be too painful to get this done in a short time

mucgyver-old
New Contributor III

@hdsreid , try this:
Let user check https://myworkaccount.microsoft.com/device-list and kick out all entries (current and obsolete ones, if any).
Then try register device again. In our case, we had some obsolete entries in there which seem to have prevented proper registration.
Hope that helps.

hdsreid
Contributor III

@cbednarzwd thank you, i will give this a try. attempted to remove them from admin side, but it didn't seem to do the trick, i'll see if the user sees anything

hdsreid
Contributor III

@cbednarzwd thank you for the advice...i did manual cleanup on the user's keychain and he had InTune records over 2 years old that are pre-Jamf lol
user reporting he is good to go, didn't even need a support ticket :)

LangStefan
New Contributor III

any updates on this?

mucgyver-old
New Contributor III

I think we had to delete all macOS device records for this Mac out of intune, then start registration from scratch. Best regards.

Ashok_A
Contributor

I had a chat with a few Jamf engineers on this issue. It turns out that some have seen an issue that has seen a very similar issue. Can you please go to the Conditional access setting in Jamf Pro and uncheck the box and save it. Once it has been saved go back in and enable it again. This process only turns off it in Jamf for a moment. This is meant to kick start it again, we need to see to allow that submission to take place. Jamf uses the Azure AD ID when it sends data to intune.

mucgyver-old
New Contributor III

@Ashok, thanks for letting me know. Will try that once the issue reappears. For the moment, we are fine and got all resolved. Best regards.

Christina
New Contributor II

Just a quick note - Safari must be the default browser. :)