Continous Re-Authenticate Android Devices

Sjoerd 1 Reputation point

We've a problem with Applying Conditional Acces, and Android Devices.

"UserA@keyman .com" is a member of group "GroupA". GroupA has some Conditional Acces Policies

  1. Restrict SharePoint
  2. Block Legacy

So the What If results are

alt text

The problem is that the users of GroupA have to re-authenticate every 1 or 2 hours on a Android Device.

The Error in Azure-AD is

alt text

On iOS (Same Conditional Acces Policy) the problem does not excist.

First I thought that my ADFS infrastructure was the problem, because (test)users like userb@keyman doesn't have the problem.

So last week we migrated from ADFS to Passtrough Authentication. But the problem still excist.

Tried so far

  • Excempt ADFS infrastructure
  • Multiple Android Version (5,7,9)
  • Multiple Users (@* accounts does not have the problem)
  • iOS devices (no problems)
  • Windows devices (no problems)
  • Registred Android device (work profile) (Also works fine)
  • Change passwords
  • Contact Microsoft (Conditionial Acces policies are fine, please contact Android Outlook)

Can somebody get me in the right direction ?

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
13,678 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Marilee Turscak-MSFT 22,461 Reputation points Microsoft Employee

    It seems like it might be unable to check for compliance, or there might be a policy or control in place that could be causing this.

    Are you able to pull the Azure AD sign-in logs and compare the authentication attempts?