Intune/Company Portal Constant popups

Copper Contributor

Hey We're trying to use intune for our mostly catalina and Bigsur macos fleet, and we're noticing on multiple peoples machines that they'll get regular popups mentioning they need to approve Profiles/MDM.

joshdoty_0-1629912564660.png

Even after using their finger/password to approve the changes, they'll get new pop ups. 

I don't see any mention in the system.log regarding this popup.

If I look in the Intune MDM logs the only regular errors that i see are regarding a "microsoft.com requires a client cert" but i'm not sure if this is related. 

 

NSLocalizedDescription=The Internet connection appears to be offline., NSErrorFailingURLStringKey=https://manage.microsoft.com/RestUserAuthLocationService/RestUserAuthLocationService/Certificate/Ser..., NSErrorFailingURLKey=https://manage.microsoft.com/RestUserAuthLocationService/RestUserAuthLocationService/Certificate/Ser..., _kCFStreamErrorDomainKey=1})
error 1: authenticationError(Error Domain=NSURLErrorDomain Code=-1206 "The server “manage.microsoft.us” requires a client certificate." UserInfo={NSLocalizedDescription=The server “manage.microsoft.us” requires a client certificate., NSErrorFailingURLStringKey=https://manage.microsoft.us/RestUserAuthLocationService/RestUserAuthLocationService/Certificate/Serv..., NSErrorFailingURLKey=https://manage.microsoft.us/RestUserAuthLocationService/RestUserAuthLocationService/Certificate/Serv..., _NSURLErrorRelatedURLSessionTaskErrorKey=(

 


_NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <####.>.<####>, NSUnderlyingError=0x7fe4e552daf0 {Error Domain=kCFErrorDomainCFNetwork Code=-1206 "(null)" UserInfo={NSErrorPeerAddressKey=<CFData 0x7fe4e565bb30 [0x7fff807deb70]>{length = 16, capacity = 16, bytes = 0x100201bb17610d070000000000000000}}}})
error 5: authenticationError(Error Domain=NSURLErrorDomain Code=-1206 "The server “manage-selfhost.microsoft.com” requires a client certificate." UserInfo={NSLocalizedDescription=The server “manage-selfhost.microsoft.com” requires a client certificate., NSErrorFailingURLStringKey=https://manage-selfhost.microsoft.com/RestUserAuthLocationService/RestUserAuthLocationService/Certif..., NSErrorFailingURLKey=https://manage-selfhost.microsoft.com/RestUserAuthLocationService/RestUserAuthLocationService/Certif..., _NSURLErrorRelatedURLSessionTaskErrorKey=(

 

2 Replies
Hi joshdoty,
I'm having similar issue, have you managed to resolve it some way?

Thanks,
Carlo
Hey Carlo,
We determined the error was due to a SCEP certificate authentication issue. My guess is that our macos clients kept trying to authenticate to our SCEP server and would fail and constantly show this popup window to try and authenticate to the server to generate the cert.
I would check all of your MDM profiles and make sure any certs or credentials that you use/provide are valid.
And if you've done this try removing all profiles and slowly add them back one by one to try and recreate the issue.