This signifies that the user has a WPJ certificate in their keychain, but jamfAAD has not successfully obtained the Azure AD ID of the user. JamfAAD may try again to grab the AAD ID of the user within the next two hours.
This scenario may also be remediated by running /usr/local/jamf/bin/jamfaad gatherAADInfo on that machine as the logged in user.
Note: If this command is run as root, it will do more harm than good. If running from Jamf Pro, make sure to run it as the logged in user!
The gatherAADInfo command in the Tracking Registration section should be updated to point to the following instead of the alias:
/Library/Application\ Support/JAMF/Jamf.app/Contents/MacOS/Jamf\ Conditional\ Access.app/Contents/MacOS/Jamf\ Conditional\ Access gatherAADInfo