You may see the following error after a password reset or account expiry with JumpCloud accounts that are utilizing the JumpCloud Office 365 Directory Integration and where Microsoft Office 365 MFA is enabled within Office 365:
"You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost)."
This is an issue due to a conflict where Microsoft's Office 365 MFA is enabled but Office 365's Modern Authentication setting is disabled.
After a password change, as soon as the JumpCloud User enters his or her JumpCloud password into Outlook, it triggers modern authentication request within Office 365 and is denied causing the OST fault.
To Remedy these Issues:
An administrator that has Office 365's MFA disabled will need to use PowerShell to enable Modern Authentication in the Office 365 portal: Enable or disable modern authentication in Exchange Online
Microsoft also states that you need to ensure that registry keys associated with Modern Authentication on each System that has Office 365 installed is enabled as well (Source: How modern authentication works for Office 2013 and Office 2016 client apps). Systems with Office 2016 installed may not need this change as Microsoft assumes automatically as enabled.
We do not recommend editing Registry Keys within Microsoft Windows and recommend contacting Microsoft Support for further assistance on registry key issues or if the values are not correct.
Once all changes have been made and corrected, a reboot is required for the changes to take effect.