Leaderboard

Ok, fixed it. In case anyone else ends up with this issue; the problem in this case was trusted site settings. For some reason the "include all local (intranet) sites" option was not being respected and the fqdn of the primary site; cmserver.corp.com had to be added to the local intranet zone. The company portal logs shows that an exception occurred when calling the config manager user service Exception of type MessageSecurityException has been thrown. Detailed message: MessageSecurityException handled when trying to query the User Service with using... and that the Config Manager user service is using Windows Authentication 76xxxxxa-0xxa-4a6e-911f-fxxxxxxx9 2-1-1 Configuration Manager User Service is using Windows Auth. IIS logs on site server shows no authenticating users but a series of 401 returns to requesting client. When the client is on the Internet the company portal logs shows that the user service is contacted using AAD Auth instead of Windows auth so in that case no Integrated authentication was attempted. After adding the site server to the local intranet zone and re-launching the company portal all apps were displayed and no auth failures were logged