Ask a new question

Microsoft Teams Error Code caa70004

Good day,

We seem to be having some trouble with Microsoft Teams authentication for some users on new computers that have been added to our internal domain. Currently this is only happening to users that are logging into the computer for the first time. We have now confirmed that it is happening on all versions of Windows 10 that we can test from 1809 to 1903. The O365 accounts and licensing are fine, each user can login to Teams web app and use the service just fine. This is unexpectedly only the Microsoft Teams software not working.

Very importantly, we are never prompted for a password. We enter the proper email address for the Office 365 user and click sign-in. After doing so we are greeted with the below screen, there is no attempt or request to authenticate. There are no credentials in the credential manager and we have cleared all others to be sure it is unrelated.

We were also able to find that when the computers are removed from the domain they can login but not when added to the domain. When the computer is added to the domain and even if put in an OU blocking all policies from AD it still gives the same error whether it is a domain or local user account. Additionally, it doesn't matter which user is attempting to authenticate. You get the same error message when you attempt a fake address as well as a valid address. This makes me believe that the authentication process doesn't even get to the point of actually authenticating the user before it fails inexplicably.

It is clear this is an issue with the forms based authentication and it appears to be bypassing that step for some reason that I can't understand that just started but only when the PC is attached to the domain. If I remove the device from the domain it immediately starts working and as I mentioned. All existing PCs we have running on the domain are working without issue but when we log a new user into the computer it doesn't work, whether that be a local or domain user.

The error is as follows and is in the screen capture below. The first portion changes every time an attempt is made but I included it for reference since it is shown in the capture.

desktop-029172fb-76ac-4134-a8b8-c7df6ca648a8 <this part of the message changes with every attempt>

Error code - caa70004

There's a more permanent way to sign in to Microsoft Teams. If you're having trouble completing the process, talk to your IT admin.

I can provide the logs but wasn't able to include them because of the character limit.

I am at a total loss, the only things I can seem to hint at with the errors but not with the error code is a potential issue with AD FS but we do not use AD FS internally and it isn't configured on the domain. All other Office applications such as Outlook will connect and are completely content with being on our domain but Teams will not work.

Your assistance with this matter is greatly appreciated.

* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

Hi JDJankowski,

Based on your description, this issue only happens on the new user computers which are joined to your local AD. In this scenario, it would be better for you to capture the sign-in traffics for the further troubleshooting. You can send the log file via the following link.

https://answers.microsoft.com/en-us/privatemessage/inbox

Besides, I'd like to collect the following information to better understand your situation.

1. May I know if your organization enabled password syncing in directory synchronization (Azure AD Connect)? If so, which way was deployed, password hash sync, pass-through authentication or Azure AD single sign-on? 

2. Have these users added their Office 365 accounts in Settings > Accounts? If so, please try to disconnect the account and clear Teams desktop cache to check if it works. 

Regards,

Marvin

-----------------------

* Beware of scammers posting fake support numbers here.

* Kindly Mark and Vote this reply if it helps please, as it will be beneficial to more Community members reading here.

10 people found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hello Marvin,

Thank you for the response, the below are answers to your questions.

1. There is no AAD password sync, the local AD credentials are separate from the O365 login credentials at this time

2. At this time, in all our scenarios the user has not added their O365 accounts to Windows 10 in Settings > Accounts

As for the sign-in traffic you are requesting, I will provide the information requested later today when I get it captured. Thank you again for your assistance.

J.D. Jankowski

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hello Marvin,

Very odd behavior when Fiddler is running to get the capture, the error changes and I have no idea why. I am posting this here so it is public in case someone else ever has this issue and is asked the same.

As a result of Fiddler running, I am getting the following error now.

We can't connect you.

Looks like we can't connect to one of our services right now. Please try again later, or contact your helpdesk if the issue persists.

0xCAA30194

login.microsoftonline.com

Additionally, the Teams window does open after this screen and is as follows with the first part changing in each instance.

desktop-ac633495-004c-48cd-bb56-f4a24af34b4b <this part of the message changes with every attempt>

Error code - caa30194

There's a more permanent way to sign in to Microsoft Teams. If you're having trouble completing the process, talk to your IT admin.

I have attempted this on two different devices and with different users including domain and local user accounts. I can replicate the issue consistently and get the above shown error (caa30194) when Fiddler is running versus (caa70004) when it is not. Since this throws a completely different error into the situation I will await feedback as to how I should proceed.

I have sent you directly the Teams logs from both error codes received so if that can help you now have them.

J.D.

6 people found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hi JDJankowski,

Thank you for the log files. From the log, I found the error is related with WAM (Web Account Manager).

In this scenario, please make sure the firewall, antivirus software, and Windows Defender don't block the following AAD WAM plug-in processes that engaged in token acquisition:

  • C:\Windows\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Microsoft.AAD.BrokerPlugin.exe
  • C:\Windows\System32\backgroundTaskHost.exe


Besides, you can try to reinstall the AAD WAM package to check if it helps. For your reference, see Fix authentication issues in Office applications when you try to connect to an Office 365 service.


Regards,

Marvin

-----------------------

* Beware of scammers posting fake support numbers here.

* Kindly Mark and Vote this reply if it helps please, as it will be beneficial to more Community members reading here.

12 people found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hello Marvin,

I did it again to confirm but I have tested on the devices in question with no AV installed and there is no blocking on the system firewall as I turned it off for testing as well. Additionally, I have created a bypass rule in the site firewall for the devices being tested on to make sure it was not firewall related. Lastly, I completed the steps requested for the AAD WAM package and after that process was successfully completed I received the same caa70004 error when attempting to login to Teams.

J.D. Jankowski


Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Hi J.D. Jankowski,

From the fiddler log screenshots, you can see they connected to different hosts. The failed one connected to odc.officeapps.live.com. From my research, this URL is dedicated for Microsoft personal accounts. While the successful one was redirected to the right Microsoft 365 login host login.microsoftonline.com


From my perspective, this issue could be related with the DNS records of the domain. Because the root cause is that the user credential is sent to the wrong host for authentication after Teams resolves the domain of the user account. To protect your privacy, I'd like to discuss this in private message.

Regards,

Marvin

-----------------------

* Beware of scammers posting fake support numbers here.

* Kindly Mark and Vote this reply if it helps please, as it will be beneficial to more Community members reading here.

1 person found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Dear all

     I face the same problem for 3 days now, first  i notice that  the code erreur is 4c7, but today i found a different one erreur caa70004 . 

Could you please advise if you know how ti fix it ? 

Thanks in advance

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Post resetting my office password teams started showing the issue was receiving the same page 

"run into a issue" with error code caa70004.

Tried the following and it worked flawlessly, the inital mistake i was doing was that i was on VPN & company sign in page already.

>>> ensure you are not on any vPN or company related production connection, keep it on simple internet connectivity.

>>> clear the cache in all cache folders only

%AppData%\Microsoft\teams\application cache\cache

during the above ensure teams is not running, post clearing the cache start the teams on plain internet connectivity and then it shows the organisation sign in page post that it should work unless you have other underlying symptoms.

13 people found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

Our users are having similar problems. When they are on the LAN they can't sign in.  But when off the LAN there are no problems and they can login to Teams fine.

We receive several errors

0xCAA80000, CAA70004 and caa30194

Our AD is not synced with O365 as we are using the free version of Teams

Users were logging in fine until earlier this week

1 person found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

I did find a solution myself on this issue and it was fortunately not as complicated as I anticipated.

We simply added the Office 365 account into the users list of resources and it started to work 100% of the time.

Click on the Start menu -> click on User (silhouette of person in left menu if no picture) -> click Change account settings then in the new window on the left menu click Access work or school.

Simply click the + Connect option and login using your Office 365 credentials.


Once done you will see the an account added and you can now attempt to open Teams again. It may request that you enter your email address again and then it should just log you in without needing to authenticate again since you have now connected to your online account.

Not sure why this wasn't being done when logging into Teams but this fixed it for all of the users who were having the trouble in our environment.

J.D. Jankowski

20 people found this reply helpful

·

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

* Please try a lower page number.

* Please enter only numbers.

* Please try a lower page number.

* Please enter only numbers.

 
 

Question Info

Last updated May 7, 2024 Views 117,461 Applies to: