AAD Device x Android Issue

If the user can sign in to their O365 account, then the issue is outside IAM scope. However, we have observed similar problems on Samsung and Honor devices. Some background:

These vendors, along with others we may not be aware of, recently introduced the "Link to Windows" app as a broker for Microsoft accounts. In our environment, the correct broker on Android should be "Company Portal". What happens instead is that "Link to Windows" overrides Company Portal as the broker, which leads to downstream sign-in issues like the one seen here.

Since we cannot directly access the device, site IT will need to assist and ensure each step is completed correctly. Please record a video in case escalation to Microsoft Support is required.

Step 1 - Sign Out of Microsoft Apps Open Outlook and sign out of the work account. Do the same for Teams, OneDrive, and any other Microsoft work apps.

Step 2 - Clear App Storage Go to Settings > Apps and clear storage (not just cache) for these apps: Link to Windows Company Portal Microsoft Authenticator

Step 3 - Disable or Uninstall Link to Windows Go to Settings > Apps > Link to Windows. If Uninstall is available, choose it. If not, select Disable.

Step 4 - Force Stop All Apps In Settings > Apps, force stop: Link to Windows Company Portal Microsoft Authenticator

Step 5 - Sign In to Company Portal First Open Company Portal and sign in with the work account. Wait until setup completes. This must be the first Microsoft app you sign in to.

Step 6 - Sign In to Authenticator Open Microsoft Authenticator and sign in or add the work account.

Step 7 - Sign In to Outlook Open Outlook and sign in with the work account. It should now authenticate normally.

Step 8 - Adjust Battery Optimization Disable battery optimization and allow background activity for the related apps.