Tech Community Live: Endpoint Manager edition
Jul 21 2022, 08:00 AM - 12:00 PM (PDT)

unable to logon to Intune Device Password incorrect

Occasional Visitor

Hi,

 

We have enrolled a device into Intune but we are only able to login using the account that was used to register the device.

All other users are unable to login to Intune Azure AD joined devices (Win 10). When entering password it says "Password Incorrect". Same password works fine when they logon to the Office 365 on different computer.

In Intune portal, Devices tab shows that device as
Enabled Yes
Azure AD Joined
MDM Microsoft Intune

 

 

6 Replies
HI, we are speaking about aadj right? no haadj? Could you post a screenshot of the login page ? I guess you already tried to perform a password reset to see what happens?

It almost looks like the device lost his azure connection itself (happens when the device cert is removed as an example)
Yes it's AADJ the account used to register works fine I have reset the other account passwords but get the same error indicating incorrect password.
hi, good morning. Do you happen to have an additional local account ( or maybe trying to create one) to log in with a local account?
Are there no device configuration profiles configured that are blocking to login with an online account? seen it happened before :)

@Rudy_Ooms_MVP 

Hi Rudy,

We are also facing the same issue. When we do OOBE, user can log in for the first time (can do everything) but after that if I restart or log out, cannot log back in. It always comes up as incorrect password. The users can log in to any other office application. We use Okta as IDP but Okta is not blocking the sign in. 

Also, there are no logs we can see after the first sign in both in Okta and Azure.

Can you please assist?

Thank you

I am assuming there must be something in the aad logs ? is there any way to get to them

Almost sounds like this issue, as you were mentioning the password

When integrating Office 365 with Okta and Microsoft Intune, authentications are blocked

Hi Rudy,
Thank you for your response. I logged in with local admin account to the device to get the logs and found this in the event logs:
Http request status 400. Method: Get Endpoint Uri: https://login.microsoftonline.com/28e1a73d-f0cw-441e-80a7-1b369/sidtoname Correlation ID: 44jgrbg-kjbg0957y5
I have also set up test environment to check on this issue and found that in that environment (where there is no issue) EndPoint Uri is https://org.okta.com/openID-configuration
Difference between org and test environment is I am using PTA for test env and organisation one has ADFS.
Is there any rule that I need to add on ADFS side?