2400 error "something went wrong" - Certificate-based access
Hi all, we recently deployed CBA for pretty much all Microsoft-related services, including Intune device management. Obviously there are carve-outs for specific cases that allow enrollment of the device, but beyond that, it seems like many Windows devices are not able to maintain the connection to Intune due to CBA.

The first symptom seen was that Outlook (signed in via some connection that Windows makes by being enrolled) throws up an error 2400 like the screenshot attached. On the Entra side, we see a sign-in error code 500187, and the Conditional Access failure is as attached. During this time, the user is still able to use web-based Microsoft apps in the browser.

On the device authenticating, there are both a Device and a User certificate assigned to Client Authentication, and the Device certificate also does Server Authentication and Secure Email.

Syncing Company Portal can fix the issue temporarily, but the problem often returns. At some point, the Company Portal sync solution will fail, at which point we'll revoke all sessions, and then logging into Outlook anew fixes the issue. If you need more information, I will provide what I can.
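Added check, not part of the original post: a PowerShell snippet that inventories every certificate carrying the Client Authentication EKU in the machine and user stores (the two certificates the post mentions), showing issuer, expiry, whether the private key is present, the full EKU list and the Subject Alternative Name that Entra CBA binds the username to, then pulls the PRT lines out of dsregcmd, since Outlook's silent sign-in on an enrolled device rides on the PRT. Assumed: it is run in an elevated PowerShell on an affected Windows device with the default My stores; nothing about the tenant's CBA binding or Conditional Access configuration is assumed.

```powershell
# Added example (not from the original post). Assumes an elevated PowerShell
# session on the affected Windows device; store paths are the default My stores.

$ClientAuthOid = '1.3.6.1.5.5.7.3.2'   # id-kp-clientAuth
$SanOid        = '2.5.29.17'           # subjectAltName

function Get-ClientAuthCertReport {
    param(
        [string[]]$StorePaths = @('Cert:\LocalMachine\My', 'Cert:\CurrentUser\My')
    )
    foreach ($path in $StorePaths) {
        Get-ChildItem -Path $path | ForEach-Object {
            $cert = $_
            $ekuExt = $cert.Extensions |
                Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] } |
                Select-Object -First 1
            $ekus = @()
            if ($ekuExt) { $ekus = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value }) }

            # Only certificates that could be offered for client auth matter here;
            # 'return' inside ForEach-Object skips to the next certificate.
            if ($ekus -notcontains $ClientAuthOid) { return }

            $sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq $SanOid } | Select-Object -First 1
            $san = '(none)'
            if ($sanExt) { $san = $sanExt.Format($false) }

            [pscustomobject]@{
                Store         = $path
                Subject       = $cert.Subject
                Issuer        = $cert.Issuer
                Thumbprint    = $cert.Thumbprint
                NotAfter      = $cert.NotAfter
                Expired       = ($cert.NotAfter -lt (Get-Date))
                HasPrivateKey = $cert.HasPrivateKey
                EKUs          = ($ekus -join ', ')
                SAN           = $san
            }
        }
    }
}

# Device cert in LocalMachine\My, user cert in CurrentUser\My; a missing private
# key, an expired cert, or a SAN that does not match the user's UPN/RFC822 name
# is the first thing to rule out before looking at the tenant side.
Get-ClientAuthCertReport | Format-List

# PRT state for the signed-in user. Without a valid PRT, Outlook cannot sign in
# silently via WAM and has to complete CBA interactively on its own.
dsregcmd /status | Select-String -Pattern 'AzureAdJoined|AzureAdPrt|AzureAdPrtUpdateTime|AzureAdPrtExpiryTime|WamDefaultSet'
```

Run it once while Outlook is in the error 2400 state and once right after a Company Portal sync clears it; a difference in the PRT lines or in which certificate is present points at whether the break is on the device (cert or PRT gone) or in the tenant's CBA evaluation.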