I am doing Azure Active Directory integration with my MDM solution provider. After my device is Azure AD MDM enrolled to my MDM server, the sync never works;
I get an error in Event Viewer that it failed to get an AAD token for sync. I want to understand whether, for sync, I will receive an AAD JWT token which I am supposed to validate. When I was doing bulk enrollment using a ppkg, I used to receive an MDM-signature
HTTP header which I don't get now. Assuming I will receive an AAD token, why is it failing in my case? I get the following in Event Viewer:
MDM Session: Failed to get AAD Token for sync session User Token: (Unknown Win32 Error code: 0xcaa10001) Device Token: (Incorrect function.).
Seeing some additional errors in event viewer:
Http request status: 400. Method: GET Endpoint Uri: https://login.microsoftonline.com/0c43f031-2bf0-47d9-bd28-a8fa74a2c017/sidtoname Correlation ID: 27F72233-3F48-4047-8F93-C542E4DF4B3D
AAD Cloud AP plugin call Lookup name name from SID returned error: 0xC000023C
AAD Cloud AP plugin call GenericCallPkg returned error: 0xC0048512
Error: 0x4AA50081 An application specific account is loading in cloud joined session.
Logged at clientcache.cpp, line: 291, method: ClientCache::LoadPrimaryAccount.
Can someone please help on what could be the problem here?
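One way to collect the evidence behind these messages on the affected device, as an added PowerShell triage script that is not part of the original question. It assumes an elevated prompt on the enrolled Windows device and the standard DeviceManagement and AAD event logs that produce the "MDM Session" and "AAD Cloud AP" entries quoted above; the error codes in the filters are the ones from the question.

```powershell
# Added triage script (not from the original post). Assumes it runs elevated on the
# enrolled Windows 10/11 device and that the two event logs named below exist
# (they are the standard logs behind the "MDM Session" and "AAD Cloud AP" messages).

# 1. Join and PRT state: the device token used for the sync session depends on the
#    device being Azure AD joined and holding a Primary Refresh Token (AzureAdPrt).
$ds = dsregcmd /status
$ds | Select-String -Pattern 'AzureAdJoined|DomainJoined|AzureAdPrt|TenantId|MdmUrl'

# 2. Recent MDM enrollment/sync errors. Event IDs vary by build, so filter on level
#    and on the message text instead of a fixed ID list.
Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'
    Level     = 2, 3      # 2 = Error, 3 = Warning
    StartTime = (Get-Date).AddHours(-24)
} -ErrorAction SilentlyContinue |
  Where-Object { $_.Message -match 'AAD Token|MDM Session' } |
  Select-Object TimeCreated, Id, @{ n = 'Message'; e = { $_.Message -replace '\s+', ' ' } } |
  Format-Table -Wrap

# 3. Matching AAD Cloud AP plugin errors. The Correlation ID in these entries is what
#    ties a failed token request to the login.microsoftonline.com request on the
#    identity side, so keep it when opening a support case.
Get-WinEvent -FilterHashtable @{
    LogName   = 'Microsoft-Windows-AAD/Operational'
    Level     = 2, 3
    StartTime = (Get-Date).AddHours(-24)
} -ErrorAction SilentlyContinue |
  Where-Object { $_.Message -match 'Cloud AP|Correlation ID|0x4AA50081|0xC0048512|0xcaa10001' } |
  Select-Object TimeCreated, Id, @{ n = 'Message'; e = { $_.Message -replace '\s+', ' ' } } |
  Format-Table -Wrap
```

Run the three sections together shortly after triggering a sync so the timestamps line up: the dsregcmd output shows whether the device actually holds a PRT and which tenant and MDM URL it is registered against, and the two event queries pull the "Failed to get AAD Token" entries next to the Cloud AP plugin errors and their correlation IDs.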