Hi all,
Yesterday I enabled Azure MFA using Conditional Access for some of our users.
When I enabled Azure MFA, some users couldn't open Outlook or Teams anymore showing a white "Accounts (Not Responding" window.
Some more info about the clients
Things I tried
Reset the AAD Broker plugin (removed the folder & let it create again) -> did not solve the issue
Removed the device on Azure AD, Did a dsregcmd /leave, forced an AD Connect sync, Ran the workplace join task)
At this point Teams seemed to be back in business, Outlook still wasn't able to authenticate & sign out and sign in again in other office apps (like Word) didn't work either
Outlook was unable to authenticate
Creating a new profile in Outlook failed autodiscover
Outlook didn't show a pop-up for authentication but kept the profile loading.
Tried clearing the Office/16.0/Common/Identities branch on the devices
Tried running the
if (-not (Get-AppxPackage Microsoft.AAD.BrokerPlugin)) { Add-AppxPackage -Register "$env:windir\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml" -DisableDevelopmentMode -ForceApplicationShutdown } Get-AppxPackage Microsoft.AAD.BrokerPlugin
command, received the TPM not working, couldn't find key pair.
* A reboot seems to fix the issue
I managed to get things back like they were, but i'm still looking for a root cause to mitigate before rolling out MFA to 2000 users.
Has anyone an idea what could be going wrong? The devices that worked didn't seem to have Credential Guard enabled, but I can't seem to find threads / articles from others experiencing these issues.
Any help is greatly appreciated!
