HTTP 404 autlogonmicrosoftazuread-sso.com

Copper Contributor

MicrosoftTeams-image (4).png

I have one user out of the 200 who are all in the same workspace/conditional access policy that gets this error every time she logs in for the first time of the day.  We have an AVD/WVD environment.  We have conditional access setup where they need to use MFA to sign in and the token is good for 16 hours.  So the workflow of this is below.

 

In the remote desktop app click on an app in the workspace to launch it.

o365 window pops up with the users email address listed

Click on users email listed

Get error message instead of prompt for password then MFA

 

If the user clicks on use other account and manually enters her email address it will then prompt her for password and MFA. 

 

We used to get this kind of issue every now and then but it was an STS error and you would get around it using the same method as above but now the error seems to be the HTTP 404 error and for this user it happens every day where on rare occasions when it happens for another user it happens once and then goes away after signing in.  Every once in a while for the problem user it will work like normal where she can just click on her email that's listed instead of typing it in so I would imagine that rules out any policy/workspace issues. 

 

I have removed her Microsoft account

reset remote desktop data/ reinstalled the app

removed cached credentials

Setup a whole new laptop for her to try and ran into the same issue on that

 

I cant find much about why this error pops up online and when I opened up a ticket with azure support they wanted me to build a whole new workspace and C/A policy just for her to see if was an issue with one of those setups.... I have 200 people who it works as expected for and for a couple years it was working as expected for this user up until a couple months ago.  Any ideas are appreciated.  Thanks!

 

2 Replies

@jholmquist 

Are you using some kind of certificate for auth? I hit the similar and finally observed it was because cert server cannot be reached in 1st auth

we are not using a certificate @Kidd_Ip