Issues with registering devices in Intune

Enexis
New Contributor II

We use Jamf Pro and have an integration with Conditional Access to register MacBooks within Microsoft Intune.
We have recently started receiving this error message and have not been able to resolve it. Who can help me think about how we can tackle this issue?

9 REPLIES

Enexis
New Contributor II

e43210ce-1017-4da0-91e8-b8e5e5a6d9cc.jpg

AJPinto
Honored Contributor III

It's a problem with the Comp Portal App. I would suggest starting with the following Microsoft troubleshooting doc linked below. This specific error is something to do with the broker function of the Comp Portal. However, for the love of God, skip the first two steps of removing the MDM profile and Jamf framework; I'm not sure what clown put that in there.

Troubleshooting Jamf Pro integration with Microsoft Intune - Intune | Microsoft Learn

I know it is unrelated to this thread, but speaking of clowns giving bad advice at MS, we had a ticket open a week or two back related to the Data Collection notices issues for AutoUpdate. It was related to the deprecated key in the config profile. Anyway, the MS "Mac Specialist" that was assigned the ticket gave the info below to resolve the issue. 1000% not related, and why the hell is MS telling users to disable SIP?!?!?! I asked our TAM about it but it will go unanswered as usual. SMH.

"Disable System Integrity Protection (SIP):

Boot your Mac into Recovery Mode (hold down Command+R during startup).

Open Terminal from the Utilities menu.

Type the command csrutil disable to disable SIP, which may allow you to address the issue.

Remember to exercise caution when modifying system settings, especially if you’re dealing with administrative permissions. If you encounter any roadblocks, professional assistance from Apple Support is recommended."

"clowns giving bad advice"....LOL LOVE it! 

Keith_L
New Contributor III

Have you tried removing this computer object in Intune and then re-registering using the Company Portal app on the Mac?

Enexis
New Contributor II

Yes, already done.

Enexis
New Contributor II

Object does not yet exist in Intune and Azure AD

Enexis
New Contributor II

In Azure AD we got the following message:

Failure reason
Broker app needs to be installed for device authentication to succeed.

Ellitex
New Contributor

I have the same issue 

Failure "Broker app needs to be installed for device authentication to succeed."

Error code: 501271

 

It works for me in Poland after typing this command in Terminal: "defaults write com.jamf.management.jamfAAD useWKWebView -bool true"

However, for other locations Company Portal is just crashing with an error, and I have the same error code on the Intune side.

Conditional access policy is set to report only so it cannot block anything.

 

In case you have a solution for this, please share it here.