401 and 403 error when logging into endpoint admin center

New Contributor

We have an on-prem AD with ADD Connect, AD SSO and AD Hybrid joined computers in place. We're currently using SCCM for our MDM solution but would like to dip our toes in the InTune waters.  We can log into MS Endpoint Manager Admin Center as an Azure global admin, however, we're getting 401/403 errors (ie: 'no permissions' and 'Contact your Intune administrator to get access to client apps data'). The Intune tenant status says: Account Status = Unknown, Service Status = Healthy, Connector Status = Unknown.

Any suggestions or tips would be appreciated.

6 Replies

@philpreece I have the same problem!!!


We managed to resolve the issue by activating the basic mobility and security service as described here. The activation took a few hours to kick in.


Thank you very much!!! It Works!!!

We really appreciate your help!



your welcome.

i have to say its not very well documented and we only stumbled across it after a lot of googling.

I absolutely agree, I spent a couple of hours also googling and if I don't see your post I would still spend time ... thank you very much again!!!
We are having the same issue, but we are trying to access it through Intune Connector server. We can access otherwise from our computers, but through the Intune Connector server we are not able to. So, what needs to be done in order to have this working when we access through Intune Connector server. Is there a specific firewall rules or something that needs to be done in order to access it? As, we are trying to download the Intune connector after logging into endpoint management server.