Fixed a conditional access error* caused by security enabling an untested conditional access policy on the user device level and the Entra Connect sync user for one of the domains having insufficient privileges, caused by the msds-KeyCredentialLink attribute not being writable. The security team had enabled Entra Seamless SSO and had blocked unmanaged devices…
Tag: Microsoft Entra
Entra/Intune Sync Issue Resolution – Full Story
For over a month, our team had been fighting with an Entra Connect synchronization problem that was preventing 40 workstations from properly enrolling in Microsoft Intune. Two or three other team members had spent several hours each over the past few weeks troubleshooting – checking network connectivity, reviewing firewall rules, reinstalling the Entra Connect service, even…
Fixed Hybrid Intune Sync on 40 PCs
Fixed an Entra Connect Sync issue that was preventing 40 machines from enrolling into Intune properly. The issue was caused by the Sync service user having insufficient permissions to modify the msds-ConsistencyGUID AD attribute. Others had spent over 18 hours troubleshooting with no progress. CONTINUE THE STORY HERE to find out how I solved this problem…
Entra Connect Sev2
Resolved a Sev2 data sync issue for Entra Connect in less than a day. The problem was caused by the security team having excessive permissions to the production Entra/Intune environment, and they consequently enabled policies that killed multiple Entra-connected services due to improper permission scoping.