Tenant Attach issues

Darren Hitchen 1 Reputation point
2022-08-18T09:24:48.21+00:00

Microsoft Support has had 6 months and 3 tickets to resolve this, and they have yet to identify the root cause.

Tenant attach is throwing errors.
The account used to join is domain and Azure and an admin on both SCCM and Azure.
The firewall has been put into deep analysis for any problems for traffic and comms via site to eu.
Enabling tenant attach now in SCCM throws this error:
AADSTS700016: Application with identifier 'app-id' was not found in the directory 'Site'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.
The API is created in Azure and the correct permissions are set by SCCM on the API.
Further comms between SCCM and Azure/Intune show the following error:

[OnboardScenario] Response from https://eu.gateway.configmgr.manage.microsoft.com/api/gateway/AccountOnboardingInfo is: 400 (Bad Request) SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 17/08/2022 16:25:16 133 (0x0085)
[Critical][CMGatewayNotificationWorker][0][System.Net.WebException][0x80131509]
The remote server returned an error: (400) Bad Request. at Microsoft.ConfigurationManager.ServiceConnector.ExtensionMethods.<GetResponseAsync>d__13.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.ConfigurationManager.ServiceConnector.ExtensionMethods.<GetResponseAsync>d__11.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.ConfigurationManager.ServiceConnector.ExtensionMethods.<GetResponseAsync>d__10.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.ConfigurationManager.ServiceConnector.AccountOnboardingWorker.<DoOnboardScenarioAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at Microsoft.ConfigurationManager.ServiceConnector.AccountOnboardingWorker.<DoOnboardScenarioAsync>d__19.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.ConfigurationManager.ServiceConnector.AadServiceConnectorWorker.<DoWorkAsync>d__16.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.ConfigurationManager.ServiceConnector.ServiceConnectorWorkerBase.<ExecuteAsync>d__75.MoveNext() SMS_SERVICE_CONNECTOR_CMGatewayNotificationWorker 133 (0x0085)

I have verified that opening https://eu.gateway.configmgr.manage.microsoft.com/api/gateway/AccountOnboardingInfo is OK from the SCCM server in a web browser.

Any help greatly received.

Microsoft Security | Intune | Other