Issue
Login fails on an Entra ID-joined machine.
The following message appears: “This device must be joined to an approved domain to access Box.”
The target domain is specified in the device trust setting “Device Ownership Requirements.”
Root Cause
In an Entra ID domain environment, Box Device Trust validates devices using the Entra ID tenant ID, not the traditional domain name. If the domain name is configured in Device Ownership Requirements instead, the device may not be identified correctly.
Resolution
- Log in to the Box Admin Console, then go to Enterprise Settings > Device Protection > Device Trust.
- Select the policy and click Edit.
- Locate the Device Ownership Requirements item.
- Delete the current domain name and enter the tenant ID.
- Click Save.
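To confirm which tenant ID an affected machine reports before editing the policy, the following added example (not part of the original article and not Box's code) parses the text of the Windows command `dsregcmd /status`. The function name `Get-DeviceJoinInfo` and the sample output are constructed for illustration, and the all-zero GUID is a placeholder.

```powershell
# Added example, not Box's code. Parses `dsregcmd /status` text and reports the
# join state and tenant ID of the device.
function Get-DeviceJoinInfo {
    param([string[]]$StatusLines)

    $fields = @{}
    foreach ($line in $StatusLines) {
        # dsregcmd prints "Name : Value" pairs; banner lines do not match.
        if ($line -match '^\s*(\w+)\s*:\s*(.*?)\s*$' -and -not $fields.ContainsKey($Matches[1])) {
            $fields[$Matches[1]] = $Matches[2]
        }
    }

    $entraJoined = $fields['AzureAdJoined'] -eq 'YES'
    $parsed = [guid]::Empty
    $validId = [guid]::TryParse([string]$fields['TenantId'], [ref]$parsed)

    [pscustomobject]@{
        EntraJoined  = $entraJoined
        DomainJoined = $fields['DomainJoined'] -eq 'YES'
        TenantName   = $fields['TenantName']
        # Only offer a value when the device is Entra ID-joined and the ID is a GUID.
        TenantId     = if ($entraJoined -and $validId) { $parsed.ToString() } else { $null }
    }
}

# Constructed sample of `dsregcmd /status` output (placeholder tenant values).
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+
             AzureAdJoined : YES
          EnterpriseJoined : NO
              DomainJoined : NO
+----------------------------------------------------------------------+
| Tenant Details                                                       |
+----------------------------------------------------------------------+
                TenantName : Example Corp
                  TenantId : 00000000-0000-0000-0000-000000000000
'@ -split "`r?`n"

Get-DeviceJoinInfo -StatusLines $sample

# On the affected machine, pass the live output instead:
# Get-DeviceJoinInfo -StatusLines (dsregcmd /status)
```

If `EntraJoined` is True and `DomainJoined` is False, the device has no traditional domain name to match, and the `TenantId` value is the one to compare against what is entered in Device Ownership Requirements.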
Reference website: Enterprise Settings: Device Protection Tab