
Issue Description:
We were facing MDM errors when Outlook or any Office desktop app was activated by an end user on a new machine.
Error: CAA50024, Error response came from MDM terms of use page.
This wasn’t impacting registration of devices in Azure AD but was causing annoyance to end users. I did a couple of tests, and they showed that users who weren’t assigned Intune licenses were getting this error when Azure AD tried to enroll their devices in Intune.
Reason:
An Intune license wasn’t assigned to everyone and the MDM scope was set to All. The error occurred when devices tried to be auto-registered in Intune, but the lack of licenses on those users caused the enrollment to fail.
Fix:
There are two types of fixes, but the first one is recommended:
- Scope the MDM policy to pilot users, so only they are allowed to register devices in Intune.
OR
- Create CNAME records. This is not recommended if you are using Intune. There isn’t any official answer, but forums say that these CNAMEs should be deleted when Intune is used.
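Before narrowing the MDM scope to a pilot group, it helps to confirm that every member of that group actually holds an Intune license, since an unlicensed member would hit the same error. The script below is an added example, not part of the original post; it assumes the Microsoft Graph PowerShell module, a hypothetical group named `Intune-MDM-Pilot`, and that Intune appears in the tenant's licenses under the service plan name `INTUNE_A`.

```powershell
# Added example: lists pilot-group members with no active Intune service plan.
# Assumes the Microsoft.Graph module is installed and the signed-in account
# may read users, group membership and license details.
Connect-MgGraph -Scopes 'User.Read.All', 'GroupMember.Read.All'

$pilotGroupName = 'Intune-MDM-Pilot'   # hypothetical group name, replace with yours
$intunePlanName = 'INTUNE_A'           # assumed plan name; adjust if your SKU differs

function Test-IntuneLicensed {
    param([Parameter(Mandatory)][string]$UserId)
    # A user with no licenses returns nothing here, which evaluates to $false.
    $plans = (Get-MgUserLicenseDetail -UserId $UserId).ServicePlans
    [bool]($plans | Where-Object {
        $_.ServicePlanName -eq $intunePlanName -and
        $_.ProvisioningStatus -eq 'Success'
    })
}

$group = @(Get-MgGroup -Filter "displayName eq '$pilotGroupName'")
if ($group.Count -ne 1) {
    throw "Expected exactly one group named '$pilotGroupName', found $($group.Count)."
}

$unlicensed = foreach ($member in Get-MgGroupMember -GroupId $group[0].Id -All) {
    # Group members can also be devices or nested groups; only users carry licenses.
    if ($member.AdditionalProperties['@odata.type'] -ne '#microsoft.graph.user') {
        continue
    }
    if (-not (Test-IntuneLicensed -UserId $member.Id)) {
        [pscustomobject]@{
            UserPrincipalName = $member.AdditionalProperties['userPrincipalName']
            Id                = $member.Id
        }
    }
}

if ($unlicensed) {
    Write-Warning 'These pilot users have no active Intune plan and would fail MDM enrollment:'
    $unlicensed | Format-Table -AutoSize
} else {
    Write-Output "All users in '$pilotGroupName' have an active Intune plan."
}
```

An empty result means the group can be used as the MDM user scope without unlicensed users being pushed into enrollment.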
Thank you for reading!
“Create CNAME Records, It is not recommended if you are using Intune. There isn’t any official answer but forums says that these cname should be deleted when intune is used.”
Do you have any documentation to support this claim? I’ve read just the opposite.
I would have seen it here; look at the bottom of the page.
https://social.msdn.microsoft.com/Forums/en-US/b055957b-ecbb-469b-9b33-85fd5c7b2cb8/mdm-terms-of-use-endpoint-is-not-correctly-configured?forum=WindowsAzureAD