locked
Store for Business and Users with Multi-Factor Authentication RRS feed

  • Question

  • I have followed the "Manage apps from the Microsoft Store for Business" documentation at https://docs.microsoft.com/en-us/sccm/apps/deploy-use/manage-apps-from-the-windows-store-for-business, and in most cases can successfully deploy online apps to device collections where the Store app is disabled by group policy.  PCs are domain joined, and are automatically registering in Azure AD as "Hybrid Azure AD Joined".

    My issue is that the app install fails when a user with Azure AD MFA enabled is logged on.  On the same PC, I can have multiple user accounts log on, and have the apps correctly install within 1-2 minutes.  But as soon as a user with MFA logs on, it fails with the below messages in AppEnforce.log, whether it is a required and silent deployment or the user initiates it manually through Software Center.

    Is deploying Microsoft Store for Business apps in this way not supported when using MFA?

    AppXHandler::EnforceApp failed (0x80041001).

    AppProvider::EnforceApp - Failed to invoke EnforceApp on Application handler(0x80041001).

    CommenceEnforcement failed with error 0x80041001.

    Method CommenceEnforcement failed with error code 80041001

    ++++++ Failed to enforce app. Error 0x80041001. ++++++

    Friday, May 4, 2018 4:45 PM

Answers

  • Hi,

    What's the version of your SCCM ?

    0x80041001: Generic failure   Source: Windows Management (WMI)

    I saw some information about the "Multi-factor Authentication (MFA)":
    https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/set-up-additional-management

    I didn't see a similar issue.
    Maybe it's as you said, there are some mistike for using the MFA.
    You also could submit the same question in the Intune forum for more support.


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Edited by Yuxiang Shi Wednesday, May 30, 2018 2:04 AM
    • Proposed as answer by Yuxiang Shi Wednesday, May 30, 2018 2:04 AM
    • Marked as answer by ryanm76 Wednesday, May 30, 2018 12:29 PM
    Wednesday, May 9, 2018 9:51 AM

All replies

  • Hi,

    What's the version of your SCCM ?

    0x80041001: Generic failure   Source: Windows Management (WMI)

    I saw some information about the "Multi-factor Authentication (MFA)":
    https://docs.microsoft.com/en-us/sccm/mdm/deploy-use/set-up-additional-management

    I didn't see a similar issue.
    Maybe it's as you said, there are some mistike for using the MFA.
    You also could submit the same question in the Intune forum for more support.


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Edited by Yuxiang Shi Wednesday, May 30, 2018 2:04 AM
    • Proposed as answer by Yuxiang Shi Wednesday, May 30, 2018 2:04 AM
    • Marked as answer by ryanm76 Wednesday, May 30, 2018 12:29 PM
    Wednesday, May 9, 2018 9:51 AM
  • Sorry for the late response, we are on SCCM 1802.  I will look into more of the Intune resources to see what I can find.

    Wednesday, May 30, 2018 12:28 PM
  • I am experiencing similar difficulties.
    Thursday, June 14, 2018 3:20 PM
  • Ever figured out this issue?
    I'm experiencing the same.

    We have MFA configured with Conditional Access.

    If I knew which app that actually is I could perhaps exclude it from the Conditional Access. But can't find it in the list.

    Wednesday, March 11, 2020 1:43 PM