JAMFAAD Sign-in error

%3CLINGO-SUB%20id%3D%22lingo-sub-1338150%22%20slang%3D%22en-US%22%3EJAMFAAD%20Sign-in%20error%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1338150%22%20slang%3D%22en-US%22%3E%3CP%3EDear%20Forum%20Members%2C%3C%2FP%3E%3CP%3EI%20have%20been%20getting%20Sign-in%20errors%20for%20Mac%20users%20and%20I%20have%20no%20clue%20where%20to%20start%20for%20the%20troubleshooting.%20The%20configuration%20on%20the%20JAMF%20side%20looks%20solid.%3C%2FP%3E%3CP%3EBelow%20are%20the%20errors%20I%20have%20been%20getting%20from%20AAD%20Sign-in%20section%2C%20and%20they%20are%20for%20the%20same%20user.%20Those%20errors%20all%20point%20to%20the%20JAMF%20Native%20MacOS%20Connector.%20The%20user%20experience%20is%20that%20they%20are%20constantly%20getting%20prompted%20to%20sign%20in%20to%20Microsoft%20when%20using%20O365%20Apps%20on%20the%20Mac.%20The%20Microsoft%20Sign-in%20windows%20will%20just%20stuck%20on%20the%20page%20saying%20%22Help%20us%20keep%20your%20device%20secure%22%20with%20no%20errors.%20The%20App%20ID%20on%20this%20page%20also%20points%20to%20the%20same%20MacOS%20Connector%2C%20but%20Device%20State%20shows%20as%3A%20Unregistered.%20The%20same%20Mac%20device%20in%20Intune%20actually%20shows%20up%20as%20enrolled%20and%20compliant.%20Does%20that%20mean%20we%20need%20to%20re-register%20the%20device%20with%20Intune%3F%3C%2FP%3E%3CP%3EThank%20you%20all%20very%20much!%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CDIV%20class%3D%22azc-form-labelcontainer%20azc-text-label%22%3E%3CDIV%20class%3D%22azc-form-labelcontainer%20azc-text-label%22%3EStatus%3C%2FDIV%3E%3CDIV%20class%3D%22azc-formElementSubLabelContainer%22%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3EInterrupted%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CDIV%20class%3D%22azc-form-labelcontainer%20azc-text-label%22%3ESign-in%20error%20code%3C%2FDIV%3E%3CDIV%20class%3D%22azc-formElementSubLabelContainer%22%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3E50097%3C%2FDIV%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3E%3CSPAN%3EDevice%20Authentication%20Required%20-%20DeviceId%20-DeviceAltSecId%20claims%20are%20null%20OR%20no%20device%20corresponding%20to%20the%20device%20identifier%20exists.%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3E%3CDIV%20class%3D%22fxc-section-control%20ext-drawer-basic-item%20fxc-base%20msportalfx-customHtml%20msportalfx-form-formelement%20fxc-left-label%22%3E%3CDIV%20class%3D%22azc-form-labelcontainer%20azc-text-label%22%3EStatus%3C%2FDIV%3E%3CDIV%20class%3D%22azc-formElementSubLabelContainer%22%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3EInterrupted%3C%2FDIV%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3E%3CSPAN%3ESign-in%20error%20code%3C%2FSPAN%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CDIV%20class%3D%22fxc-section-control%20ext-drawer-basic-item%20fxc-base%20msportalfx-customHtml%20msportalfx-form-formelement%20fxc-left-label%22%3E%3CDIV%20class%3D%22azc-formElementSubLabelContainer%22%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3E50058%3C%2FDIV%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3E%3CSPAN%3EFailure%20reason%3C%2FSPAN%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CDIV%20class%3D%22fxc-section-control%20ext-drawer-basic-item%20fxc-base%20msportalfx-customHtml%20msportalfx-form-formelement%20fxc-left-label%22%3E%3CDIV%20class%3D%22azc-formElementSubLabelContainer%22%3E%3CDIV%20class%3D%22azc-formElementContainer%22%3EThe%20application%20tried%20to%20perform%20a%20silent%20sign%20in%20and%20the%20user%20could%20not%20be%20silently%20signed%20in.%20The%20application%20needs%20to%20start%20an%20interactive%20flow%20giving%20users%20an%20option%20to%20sign%20in.%20Contact%20app%20owner.%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1338150%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EIntune%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EJamf%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1592622%22%20slang%3D%22en-US%22%3ERe%3A%20JAMFAAD%20Sign-in%20error%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1592622%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F624018%22%20target%3D%22_blank%22%3E%40wangjueliang%3C%2FA%3E%26nbsp%3BDid%20you%20ever%20find%20a%20solution%20to%20this%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1595604%22%20slang%3D%22en-US%22%3ERe%3A%20JAMFAAD%20Sign-in%20error%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1595604%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F761710%22%20target%3D%22_blank%22%3E%40Jezper%3C%2FA%3E%26nbsp%3BI%20wouldn't%20call%20that%20a%20solution.%20The%20workaround%20is%20to%20delete%20Azure%20and%20Intune%20device%20object%20and%20let%20MacOS%20enroll%20with%20Intune%20again.%20We%20still%20don't%20know%20what%20it%20happens%20in%20the%20first%20place%20with%20NoMAD.%3C%2FP%3E%3CP%3EWhat%20is%20your%20experience%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Contributor

Dear Forum Members,

I have been getting Sign-in errors for Mac users and I have no clue where to start for the troubleshooting. The configuration on the JAMF side looks solid.

Below are the errors I have been getting from AAD Sign-in section, and they are for the same user. Those errors all point to the JAMF Native MacOS Connector. The user experience is that they are constantly getting prompted to sign in to Microsoft when using O365 Apps on the Mac. The Microsoft Sign-in windows will just stuck on the page saying "Help us keep your device secure" with no errors. The App ID on this page also points to the same MacOS Connector, but Device State shows as: Unregistered. The same Mac device in Intune actually shows up as enrolled and compliant. Does that mean we need to re-register the device with Intune?

Thank you all very much!

 

Status
Interrupted
Sign-in error code
50097
Device Authentication Required - DeviceId -DeviceAltSecId claims are null OR no device corresponding to the device identifier exists.
 
Status
Interrupted
Sign-in error code
50058
Failure reason
The application tried to perform a silent sign in and the user could not be silently signed in. The application needs to start an interactive flow giving users an option to sign in. Contact app owner.
2 Replies
Highlighted

@wangjueliang Did you ever find a solution to this?

Highlighted

@Jezper I wouldn't call that a solution. The workaround is to delete Azure and Intune device object and let MacOS enroll with Intune again. We still don't know what it happens in the first place with NoMAD.

What is your experience?