6 thoughts on “FIX Intune Company Portal App Login Issues with Windows 10/11”

  1. Anoop, have you experienced Windows Phone 10 devices losing EAS policy after they are upgraded to Windows Phone 10 1607? We have noticed that some of our phones are being updates over the air by the carrier to Phone 10 1607 and once they receive the update, they begin losing the ability to access their email and none of SCCM Baselines are being applied

    Reply
  2. We were able to fix this issue adding AAD.brokerPlugin system app on the device. we had couple of devices where AAD broker plugin app was missing, and issue is fixed after adding it by running below command.

    – Check AAD.brokerPlugin app status
    Get-AppxPackage -Name “*AAD.BrokerPlugin*”

    – Command to add the missing app.
    Add-AppxPackage -Register -Path C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AppxManifest.xml -DisableDevelopmentMode

    Reply
  3. Dear Anoop
    I also have this problem with my company’s network, new employess can’t activate via the M365 Office suite. But if connecting to another network is normal, I should check where in my company’s network, my company uses a firewall Juniper and a load balancer is Peplink devices.
    I really appreciate your reply
    Parker

    Reply
  4. Hi

    We are having this issue

    Error: 0xCAA5001C Token broker operation failed.
    Operation name: GetTokenSilently, Error: -895352830 (0xcaa20002), Description: AADSTS65002: Consent between first party application ‘a40d7d7d-59aa-447e-a655-679a4107e548’ and first party resource ‘00000002-0000-0000-c000-000000000000’ must be configured via preauthorization – applications owned and operated by Microsoft must get approval from the API owner before requesting tokens for that API. Trace ID: 32eeb378-9377-4c87-9fb0-a4b2000b7400 Correlation ID: e0320c8d-091c-46ce-bc7f-ef58993c58fe Timestamp: 2025-01-09 18:53:17Z
    Logged at WebAccountProcessor.cpp, line: 652, method: AAD::Core::WebAccountProcessor::ReportOperationError.

    When I try to login to Company Portal I get this error:
    “Your company support needs to you access to company resources
    Your company is using Windows Information Protection policies to protect your device. Your company support will need to make sure they allow the Company Portal to access those resources.”

    When I go to settings I see some weird policies even though I have disabled most of the configuration profiles
    *Data Protection
    *NetwokrIsolation

    There is also a section called Connection Info
    Management Server Address
    https://r.manage.microsoft.com/devicegatewayproxy/cimhandler.ashx

    Reply
  5. I found the solution in the end.

    Some silly IT guy (ex-employee) in my company had configured “App protection policies” which apparently blocked the Company Portal app.

    Got to love it when a random IT guy makes changes and does not bother to test the very basic functionality but proceeds to configure a bunch of complicated settings and then leaves the company without deleting all his silly configurations…..

    I had disabled all his silly configurations but I missed the “App protection policies”

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.