Symptoms
When you try to create a Microsoft Outlook profile after a domain migration, you receive an error message that indicates you can’t start Outlook or something went wrong. You also receive a sign-in prompt.
Additionally, you may see the Event 1098 in Azure Active Directory (AAD) Operational log that resembles the following error:
Error: 2147943712
ErrorMessage: A specified logon session does not exist. It may already have been terminated. A specified logon session does not exist. It may already have been terminated.
AdditionalInformation: Exception of type ‘class WinRTException’ at webaccountprocessor.cpp, line: 190, method:
AAD::Core::WebAccountProcessor::ProcessBrokerRequest::<lambda_>::operator (). Log: 0xcaa5001c Token broker operation failed. Operation name: RequestToken Logged at webaccountprocessor.cpp, line: 520, method: AAD::Core::WebAccountProcessor::ReportException.
To find the AAD Operational log in Event Viewer, locate Applications and Services Logs > Microsoft > Windows > AAD > Operational.
Cause
There are multiple scenarios that can result in a change to a user security identifier (SID), for example, migrating the user to a new domain. However, the user profile isn’t changed, and data files that have the old SID are now cached in an old profile. In this case, you may have an Office connection problem or authentication loops that results in this error.
Resolution
To resolve this issue, follow these steps:
- Delete all files from the Accounts folder at the following: location:
%LOCALAPPDATA%\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC\TokenBroker\Accounts
Note
Copy and paste the above location in the Windows Search box to find the folder.
- Restart and re-create an Outlook profile.