How do I fix this error to set a school window on my laptop

Question

Answer 1

Hi @Paige K,

Thank you for posting your question to the Microsoft Q&A forum.  

The error message “657rx - Code: 2148073494” typically occurs when Windows is unable to validate your device’s security state or user identity. This can happen after changes to device security or hardware, such as replacing components, modifying Trusted Platform Module (TPM) settings, or updating your work or school account configuration.

In some cases, the issue may also be caused by corrupted credentials, expired sign‑in tokens, or a mismatch between your device and your organization’s identity platform (for example, Microsoft 365 or Azure AD). When Windows cannot successfully verify this trust relationship, the error is triggered.

Because this is an authentication‑related issue, resolution generally involves restoring the trust relationship between the device and the associated account.

You can try the following steps to clear your credentials cache to ensure a clean reset

1. Please sign out your accounts from Office applications, then close all Office applications.   
2. Open File Explorer, paste the following path, and delete all files and folders. %localappdata%\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy   
3. In the Windows search bar, search for "Access Work or School".   
4. Check if you can see your school account in "Access Work or School".   

If you don't see it, please select Connect and add your business account.   

If you can see it, please select it and select Disconnect. After that, please click "Connect" and log into your account again to register the device.   

• Open the Control Panel on your PC.   
• Go to User Accounts > Credential Manager.   
• Under both Windows Credentials and Generic Credentials, look for any entries related to your Microsoft 365 business account and Office apps.   

• Select and remove those entries.   
• Restart your computer and try adding your account in Office again.  

Download OLicenseCleanup.vbs and run it. In this way, you can use this package to remove the license, clear the stored identities in the registry, and remove the credentials. You can follow this: Reset activation state for Microsoft 365 Apps for enterprise - Microsoft 365 Apps | Microsoft Learn to reset activation state 

Restart your device.

Reopen Office apps and sign in with the correct account.

Additionally, this error is often linked to device registration issues in Azure Active Directory (Azure AD) or Microsoft 365. It may occur if a device is incorrectly registered, listed multiple times, or blocked due to recent policy changes by your organization’s IT administrators. These inconsistencies can prevent successful authentication, triggering the error.

If the issue persists after clearing your credentials cache, please reach out to your IT admin and ask them to remove the affected device from your Azure or Microsoft 365 account and re-registering it creates a clean directory entry, often resolving trust or identity mismatches.

 

I hope this information is helpful. Please follow these steps and let me know if it works for you. If not, we can work together to resolve this.    

Thank you for your patience and your understanding. If you have any questions or need further assistance, please feel free to share them in the comments on this post so I can continue to support you. 

I look forward to your thoughts on this. 

---

If the answer is helpful, click "Accept Answer" and give it a helpful vote.

Note: Follow the steps in our documentation to enable email notifications if you want to receive email notifications related to this topic.