Mar 26 2020 06:15 PM
Device identifier: Not available
Device platform: macOS
Device state: unregistered
Is anyone else seeing this. I tested from a 2nd Mac and am seeing the same thing. I've also tried enrolling the device multiple times and even resetting the computer.
Mar 27 2020 06:13 AM
Apr 01 2020 03:54 AM
@careyjung - Seeing the same on a newly updated Mac. Did you ever find a solution to this?
Apr 01 2020 05:14 AM
@ollie_bk It's still broke. I think we have to wait and hope for a fix in 10.15.5. Or maybe it's an Entune issue? Not sure. For now, I've just unchecked all the boxes (Contacts, Calendar, etc.) for Exchange in Internet Accounts to make it inactive. Which means, of course, I can't use any of the native Mac apps for email, contacts, or calendars in Exchange.
Apr 01 2020 09:57 AM
Solution@ollie_bk Still no fix. Microsoft and Apple would need to acknowledge the issue before a fix will be worked on. If someone from Microsoft is working on this then please acknowledge here so that we can know this is being worked on.
Apr 03 2020 02:48 AM
Yes, exact same issue here. Exchange and Chrome have no issues but all Mac applications (Mail, Safari) won't work.
Hope there's a quick fix for this
Apr 03 2020 04:20 AM
Apr 03 2020 01:18 PM
Same issue here. It keeps asking to enroll. The only work around that I have found it to VPN to your corporate office (where your Intune/JamF/SelfService Servers are located are located) then you will be able to use email. I have noticed that the Authentication seem to stay for 30 minutes if you disconnect you VPN.
This is a real pain... This should have been test better by the Security teams so that it can work from the Internet and inside your business networks.
Apr 06 2020 12:44 AM - edited Apr 06 2020 04:18 AM
@Aaron Marks Same here, been testing within our own org and seem to confirm that was introduced in 10.15.4 (and not fixed in current beta 1 for 10.15.5). Oddly, this seems to work for some people on 10.15.4.
10.15.4 introduced this feature, which sounds somewhat adjacent: "OAuth authentication support with Outlook.com accounts for improved security". It could be that the new Exchange implementation in Catalina mistakes O365 accounts for consumer Office.com accounts, but that is pure speculation on our side.
Apr 06 2020 03:34 AM
We got the same problem in our company.
macOS Version 10.15.4
App name: Any Application that needs the enrolled management profile
Device identifier: Not available
Device platform: macOS
Device state: Unregistered
I've not worked out if it is a problem from Apple or Microsoft.
Apr 06 2020 07:04 AM
If this is happening only for some people and not for others then I'd imagine that it has to do with a conditional access requirement that affect some people and not others.
Apr 06 2020 08:05 AM
We have the same issue.
We also have conditional access and suddenly they are prompted to enroll/be compliant, even though they are.
It appears to only happen with macOS app logins like mail/calendar, as Outlook is working fine. So @thinklad yes it might be related to this change.
Apr 06 2020 08:15 AM
Same problem here. Exchange connection dosen't work with the macOS native apps like Mail, Calendar and so on.
Right after the update to 10.15.4 there wasn't any problem. It all started with a password change of the Azure AD account today.
All other apps like Outlook, OneNote, Teams work fine. Safari also dosen't have a problem with MSFT sites like this one or yammer.
The app Airmail still works. Looks like the problems is limited to "internet accounts".
Apr 06 2020 06:15 PM - edited Apr 08 2020 07:06 PM
Microsoft pushed Company Portal 2.3.200301 as part of the Slow Ring sometime on 6 April; once the update is installed, it looks like for us, authenticating first while on the corporate VPN (so Conditional Access doesn't apply) allows to get a more durable OAuth token even once disconnected from the corporate network (tested by a few of my colleagues over the past few hours, now testing on my machines).
Update: it looks like the issue persists after all, I had to re-authenticate after about an hour. Sorry about the false hope.
Update 2: the workaround seems to work for users that have a single macOS machine (with or without iCloud Keychain enabled) but fails for users with multiple macOS devices + iCloud Keychain sync, presumably because the Keychain sync attempts to copy the original OAuth token to other Macs, triggering the re-auth. Nope.
Apr 08 2020 07:08 PM
After the latest macOS 10.15.4 Catalina Supplemental Update the issue seems to worsen for some users: the 'Enroll now' issue has expanded to Teams and OneDrive for Business for several users.
Apr 09 2020 12:29 AM
I installed the supplemental update but for me it is exactly the same behaviour as before. Everything works except macOS native apps for O365 Exchange account with Intune management.
Apr 09 2020 05:25 AM - edited Apr 09 2020 05:26 AM
Same for me. No change in behavior.
Apr 09 2020 10:44 AM
The Mac update to 10.15.4 did NOT resolve my issue either.
I believe there is an issue with Intune identifying machine correctly. I select "corporate", but does not seem to work.
https://portal.manage.microsoft.com/devices/
Apr 09 2020 01:27 PM
Apr 15 2020 05:49 AM
Does anybody know that this issue was acknowledged either by Microsoft and/or Apple and they are working on a fix?
If not can anyone file a bug or open a support ticket?
Apr 01 2020 09:57 AM
Solution@ollie_bk Still no fix. Microsoft and Apple would need to acknowledge the issue before a fix will be worked on. If someone from Microsoft is working on this then please acknowledge here so that we can know this is being worked on.