Hi all,
Today I enabled Azure MFA using Conditional Access for some of our users.
When I enabled Azure MFA, some users couldn't open Outlook or Teams anymore showing a white "Accounts (Not Responding" window.
Some more info about the clients
- Windows 10 Enterprise
- Hybrid Joined - Co managed
- Credential Guard
- BitLocker
- Defender For Endpoint (passive mode)
Things I tried
- Reset the AAD Broker plugin (removed the folder & let it create again) -> did not solve the issue
- Removed the device on Azure AD, Did a dsregcmd /leave, forced an AD Connect sync, Ran the workplace join task)
At this point Teams seemed to be back in business, Outlook still wasn't able to authenticate & sign out and sign in again in other office apps (like Word) didn't work either
- Outlook was unable to authenticate
- Creating a new profile in Outlook failed autodiscover
- Outlook didn't show a pop-up for authentication but kept the profile loading.
- Tried clearing the Office/16.0/Common/Identities branch on the devices
- Tried running the if (-not (Get-AppxPackage Microsoft.AAD.BrokerPlugin)) { Add-AppxPackage -Register "$env:windir\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml" -DisableDevelopmentMode -ForceApplicationShutdown } Get-AppxPackage Microsoft.AAD.BrokerPlugin
command, received the TPM not working, couldn't find key pair.
* A reboot seems to fix the issue
I managed to get things back like they were, but i'm still looking for a root cause to mitigate before rolling out MFA to 2000 users.
Has anyone an idea what could be going wrong? The devices that worked didn't seem to have Credential Guard enabled, but I can't seem to find threads / articles from others experiencing these issues.
Any help is greatly appreciated!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(217.60000000000002, 55.00000000000001%, 31%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)