Sign in with Microsoft
Sign in or create an account.

Symptoms

When a device is Workplace Joined by using the Microsoft Azure Device Registration Service (DRS), a sync-latency occurs when synchronizing the device object back to the on-premises directory.

In this situation, when the user of that device tries to authenticate through Active Directory Federation Services (ADFS) to gain access to some resources (for example, Office 365 resources like SharePoint, Exchange Online), ADFS will block that authentication, because there is no device object in the on-premises directory.

In another situation, the ADFS server administrator decides to disable the back-sync function. Here, the device object will also not exist in the on-premises directory. This causes the same blocked authentication for the user on the Workplace Joined device.

Resolution

To resolve this issue, install update 2955164. For more information about how to obtain update 2955164, click the following article number to view the article in the Microsoft Knowledge Base:

2955164 Windows RT 8.1, Windows 8.1, and Windows Server 2012 R2 update rollup: May 2014

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

More Information

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:

824684 Description of the standard terminology that is used to describe Microsoft software updates

Need more help?

Expand your skills
Explore Training
Get new features first
Join Microsoft Insiders

Was this information helpful?

What affected your experience?

Thank you for your feedback!

×