VMware Workspace ONE Community
jordanjahn
Contributor
Contributor

Save Failed ErrorOccurredWhileGettingO365Credentials

In the event this helps anyone else, I wanted to post this error and solution somewhere as it took me a few weeks to resolve. Issue: When trying to connect our Azure/Intune environment with our WorkspaceOne SaaS environment to manage the Intune App Protection policies within WSO, we were getting error . This occurred when inputting an O365 admin account into the credential box under Settings or Apps or Microsoft Intune App Protection Policies or Authentication tab. Solution: We had Azure/Intune Conditional Access policies in place that were blocking access to our Azure resources and applying MFA in some cases. I had to add the admin acccount to the exclusions for both policies and that seemed to work. Hopefully this helps someone else in the future.

Labels (1)
9 Replies
henkor
Enthusiast
Enthusiast

yes,
also had this issue.
after almost month we figure out it...
did you manage to work with the App Protection policies?
Reply
0 Kudos
jordanjahn
Contributor
Contributor

Hi Hen,
We are working to install the Exchange hybrid connector in our environment which should enable us to use IAP (according to Microsoft).  We will see how that goes.
Reply
0 Kudos
henkor
Enthusiast
Enthusiast

didn't understand,
your Exchange environment right now is just onprem?
Reply
0 Kudos
jordanjahn
Contributor
Contributor

Correct, we are currently on Exchange 2013 and upgrading to 2016.  So although I am able to connect Intune with WSO to setup IAP policies now, we won't be able to test the functionality of those IAP settings until we install the Exchange hybrid connector.
Reply
0 Kudos
henkor
Enthusiast
Enthusiast

OK, now i understand.
we are almost 2 years on hybrid environment.
we trying to work with office365 apps but restricted only on managed device (+ IAP policies).
but unfortunately no one knows how to do it exactly. (configuration and actually working with it)
Reply
0 Kudos
SethStevens
Contributor
Contributor

I know this is an older post, hopefully you'll respond... but I'm running into this same issue.  Where did you go to exclude your admin user in O365/Exchange?  I've excluded it from the Azure/Intune Access Control policy via a security group, and MFA is disabled, I'm still getting this same error though.  We're 100% Exchange Online/O365 and using WS1 SaaS environment.
Reply
0 Kudos
jordanjahn
Contributor
Contributor

The admin account was only added to our multiple Conditional Access policies as an exclusion.  There was no further administration to in O365/Exchange.  Sorry for the confusion, good luck
Reply
0 Kudos
KeithHallKeithH
Contributor
Contributor

I'm going through this issue currently. We've used a service account with Global permissions read and write abilities and everything recommended here: Configure Intune Settings however, we still get the same result. We are attempting to gain the DLP compliance for Office 365 apps. Anyone have any ideas?

Reply
0 Kudos
kaamir
VMware Employee
VMware Employee

@KeithHallKeithH - You will need to first add AirWatch by VMware app in your Azure AD portal as listed here: https://docs.vmware.com/en/VMware-Workspace-ONE-UEM/2005/Intune_Integration/GUID-90365FE7-E4F5-4481-...

 

I was facing this error despite providing the Global Administrator account during integration, following the above guide & post adding the app, I was able to complete the integration.

AK