SOLVED

Intune Certificate Connector Problem: Azure AD Sign-in


Hello,

We are a government organization trying to configure the Intune Certificate Connector for use with PKCS certificates. Everything was going well until we got to the part where it asks us to sign in to Azure AD. When we go to log in to Azure AD in the cert. connector, we choose the Intune for government cloud, then try to sign in with 3 different global admin accounts that have Intune licenses assigned to them, and they all say they're personal accounts and will not work. Then I tried to log in with my account that has Intune administrator privileges, but Microsoft says it cannot find the account.

My first question: how can we go about having Microsoft see our global admin accounts as "organization" accounts as opposed to "personal" accounts? My second question: even though all of our accounts are in the Azure AD, why does my account not exist according to Microsoft? I was following this doc: https://docs.microsoft.com/en-us/mem/intune/protect/certificate-connector-install and once I got to step 6 under "configure the certificate connector" we ran into problems using any of our accounts. We made sure all of these accounts have Intune licenses and that our accounts are all synchronized from our local AD.

My manager said maybe it has something to do with our tenant because we just recently upgraded our license (through CDWG) and he noticed the tenant is not linked with an Azure subscription. He mentioned he cannot do diagnostic logs because of this, so possibly we can't add a cert connector? He also explained there may be some issues with account privileges if we do license our tenant (can anyone explain this?) but since it's been working we're not sure if the license was ever applied or just recently expired due to us upgrading our license from Office 365 to Microsoft 365 G3 GCC. Any ideas and help would be greatly appreciated!

1 Reply
best response confirmed by mattchappy (New Contributor)
Solution
Answer: I was using Government cloud to log in; however, only specific organizations are eligible for that. Logging in via public commercial cloud was the fix, even though we are a government organization with GCC licensing.