Zcc updates resulting in broken ZIA or ZPA

We’ve been testing rollout of ZApp and .96 for Windows only (no Macs here) in a ZIA+ZPA environment, and across about 100 users, we’ve seen 3 that end up in an unusable state. Specifically, ZPA may give a Connection Error, or fail authentication. Maybe Retry will work, maybe Reboot, but more often it is Logout/Login that is required. For one user, we also tripped over the bug where the one-time logout password wouldn’t work, so we had to force remove them.

We’re using Azure AD for SAML auth. Are any other organizations encountering this? Are you also using Azure AD? I’m looking for commonalities, as I’m not sure there’s anything specific we can raise a ticket for.

Hi, i had no Problem with, but upgrade to had similar problems. e.G. Login to ZIA works, but ZPA had problems. Reboot of PC don’t solve the problem, only manual uninstalling and reinstalling the ZAPP works. Only tested on 2 PCs in the moment.

We also use AzureAD SAML authenticaton.
no further deep testing was done from my site in the moment, because i am on vaction now :slight_smile:

We have about 100 machines deployed for testing and not seen any issues so far with upgrades from

We have the same issue with some clients (also using Azure AD SAML) and latest ZCC. Also on complete fresh out-of-the-box clients. We turned off all automatic user login detections in Mobile App Portal and requested affected users to logout with the OTP and then to relogin again. Until yet this solved the issues. But of course this is not a permanent solution…

BTW, happy new year to everyone! Stay healthy!

I’m now at 1540 machines at the latest version (, and I’ve had report of maybe 2 or 3 machines needing assistance. I say maybe because we have other reasons why I’d have to provide a logout password. Based on this, we’re not having a problem.

It’s odd that, when we’re doing it onesey/twosey it’s had such a bad error rate (~5%).

For clarity, we’re currently set up with auto-update to latest, and did “Group Based” rather than “Always Latest Version”. This setting could cause issues down the road, due to unexpected updates, but it’s what’s currently requested.

1 Like


I’ve tried to deploy over 5 machines the from (manual install), 2 had problems, asking to reenroll completely. I need to re-install the package after each hibernation at least for one of them;

@bpetitfour I’ve never had that problem. Hibernation, sleep, log in/out of Windows - these should all be uneventful with Win10. Is it still a problem?