- Jamf Nation Community
- Products
- Jamf Pro
- Re: macOS Sonoma - Intune registration authenticat...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-09-2024 07:54 AM
Hi,
We are having a weird issue in our environment. Few users are not able to complete Intune registration. While triggering Intune registration from self service app, Company portal is prompting for authentication in a loop. After 3 times, it would eventually fail.
troubleshooting tried so far:
-Deleted device from AAD
-Deleted device from Intune
-Removed company portal cache and also re-installed company portal app
-Deleted the device from JAMF, removed MDM profile and re-enrolled the device
Per sign-in logs in AAD, there is a success for company portal sign-in.
Just wondering if you have experience similar issue ? Any troubleshooting would be helpful. Thanks!
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-11-2024 12:19 PM
Here is the solution from Microsoft engineer. Helped multiple users to resolve issue:
- Quit all running M365 desktop applications and the Keychain Access application.
- Open the Finder and select the Go menu, under that menu choose Go To Folder... In the Finder dialog which comes up, enter ~/Library/Keychains and press return
- There will be at least one folder in the Keychains folder whose name is a long string of numbers and capital letters. Delete all such folders by putting them in Trash. Do not delete the files whose names end in db.
- Restart the Mac
- Register your Mac to Entra ID again
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-09-2024 07:55 AM
Sorry, forget to add. Not using Jamf Connect. WebView is already enabled for all.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-10-2024 05:16 AM
Sounds like an issue on the Microsoft Side. The JAMF Policy for intune registration literally just runs the command below, everything else is between the Comp Portal App and Azure. One thing that is standing out. The device should not populate in Intune anymore, the device object should only exist in Azure.
/usr/local/jamf/bin/jamfAAD registerWithIntune
All that aside. Have you made sure the co-management settings are correct in Intune? If you have it set to all users, it won't work which is something I missed when setting this up a couple of months ago.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-12-2024 07:10 AM
Thanks for the response @AJPinto Co-management settings are correct. Working with MS engineer. Will update once we have a resolution. Cheers!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-11-2024 12:19 PM
Here is the solution from Microsoft engineer. Helped multiple users to resolve issue:
- Quit all running M365 desktop applications and the Keychain Access application.
- Open the Finder and select the Go menu, under that menu choose Go To Folder... In the Finder dialog which comes up, enter ~/Library/Keychains and press return
- There will be at least one folder in the Keychains folder whose name is a long string of numbers and capital letters. Delete all such folders by putting them in Trash. Do not delete the files whose names end in db.
- Restart the Mac
- Register your Mac to Entra ID again
