AAD Cloud AP plugin call Lookup name name from SID returned error: 0xC00485D3

and

Http request status: 400. Method: GET Endpoint Uri: https://login.microsoftonline.com/<Removed> Correlation ID: <Removed>


Issue was Duo was installed had to add Machine to Trusted Devices

Also Make sure you Whitelist user from Conditional Access for Windows VM Signin


Reason: VSM Key rollover

TimeCreated: 6/23/2026 3:08:25 AM
Id: 1160
Message: Logon failure. Status: 0xC0000250 Correlation ID: [REDACTED]

TimeCreated: 6/23/2026 3:08:25 AM
Id: 1250
Message: DoGetToken Diagnostic Event:
Result: 0xC0000250
User Identity: [REDACTED]
Credential Type: 1
Correlation ID: [REDACTED]
Endpoint Uri: https://login.microsoftonline.com/[TENANT-ID]/oauth2/token
HTTP Status: POST
HTTP Method: The operation completed successfully.
ErrorCode: 400
Error Description: interaction_required

TimeCreated: 6/23/2026 3:08:25 AM
Id: 1081
Message: OAuth response error: interaction_required
Error description: AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access ‘[RESOURCE-ID]’. Trace ID: [REDACTED] Correlation ID: [REDACTED] Timestamp: 2026-06-23 03:08:25Z
CorrelationID: [REDACTED]

TimeCreated: 6/23/2026 3:08:25 AM
Id: 1025
Message: Http request status: 400. Method: POST Endpoint Uri: https://login.microsoftonline.com/[TENANT-ID]/oauth2/token Correlation ID: [REDACTED]

TimeCreated: 6/23/2026 3:08:25 AM
Id: 1241
Message: On-prem tgt error: On-prem configuration is missing

TimeCreated: 6/23/2026 3:08:24 AM