Jamf Nation Community

We have the same issue with a small percent of our users. It happens only with New Teams. In most cases users have been successfully signing-in for an extended period then suddenly cannot get past the "Welcome to Teams" window. All other MS apps work as expected for SSO. We have tried all standard troubleshooting steps. uninstall/reinstall, delete caches related to Teams/Office, clear Keychain items related to Teams/Office. It isn't related to a certain Teams or macOS version as we have seen the issue on various versions of both. We have even complete wiped a Mac, re-provisioned and the issue returned for that user a short time later. We have had a ticket open for weeks with MS and have gotten nowhere as usual. In some cases the user can randomly start using Teams as expected a few days/weeks after the issue. 

Check this thread in the macadmins Slack: https://macadmins.slack.com/archives/C70CN1UUC/p1714582854943809.

This one has been working for me.  I have a few more URLs than you do.

We recently deployed the SSO plug-in, as well. At the time, we didn't realize it was related to Teams, specifically, but we did find something that worked to fix it (or band-aid fix it, maybe... too early to tell!). What we do see (not sure if this is the same thing y'all are seeing) is that EVERY application that uses MS SSO starts prompting like this:

How we've fixed it:

1. Close Teams if it's open
2. Open the Keychain Access application and search for Microsoft
3. Delete anything with "certauth.login.microsoftonline.com" in it (there's always one, may be two)
4. Delete anything with "accesstoken" in it (there's usually a BUNCH of these)
5. Close Keychain Access
6. Retry Teams

This has worked in about 95% of the "broken" folks we've had. Of course, it requires a call to the helpdesk which we're trying to avoid, so hopefully MS can fix this sooner rather than later.....

We've also seen other issues with the certificates in Firefox... and those are fixed in a similar fashion (but inside the app):

1. Open Firefox
2. Open settings
3. Search for certificates and click "View Certificates"
4. Click on Authentication Decisions
5. Delete the certauth.login.microsoftonline certificates (we usually see 2 or 3)
6. Click OK
7. Close Firefox

Have you found a solid working solution for this that fixes the root cause? 

I, too, am interested in an actual solution to this problem. My users liek having the SSO config profile as it lessons the login windows in the environment but not being able to login to Teams or outlook is a issue and it seems it does nto affect everyone just a random subset of users usually at time of password change.  

Has anyone found any solutions to this issue?

In addition to the SSO policy check with your Network Security team to ensure the following URL are NOT being inspected. 

• app-site-association.networking.apple
• app-site-association.cdn-apple.com

If you go to the following link and scroll down to the Validate Networking Configuration on macOS device you will see it is mandate to not TLS inspect the domains above, I recently found our environment was inspecting these domains which was causing inconsistent connection. We have since bypassed them and are seeing a better performance.