Forum Discussion

YannickHmog's avatar
YannickHmog
Copper Contributor
May 28, 2025

AVD - Sign-in issues with O365 applications

Hi everyone

Our AVDs are currently running on Windows 10 22H2 (Build 19045.5854) For some time now, our users have been experiencing issues signing in to certain Office 365 applications, especially OneDrive and Outlook.

For many users, the sign-in gets stuck in an endless loop. The affected AVD host then needs to be restarted for the sign-in to Outlook and OneDrive to work again.

In the event log, we often encounter the following error:

"A fatal error occurred while creating a TLS client credential. The internal error state is 10013."

Has anyone else experienced this issue or found a solution for it?

AVD Hosts
office 365
onedrive
outlook

3 Replies

Sort By
  • hariskhurshid's avatar
    hariskhurshid
    Copper Contributor
    May 29, 2025

    Hi YannickHmog​ 

    Kindly perform the below steps and check.

    1. Disabled or misconfigured TLS protocols (especially TLS 1.2).
    2. Corrupt SCHANNEL components (the Windows library responsible for TLS/SSL).
    3. Outdated or mismatched Office or Windows updates.
    4. Credential Manager corruption or cached login issues.
    5. Group Policy or registry restrictions affecting cryptographic protocols.
    6. TLS 1.2 is required for modern Microsoft 365 services. 
    7. Update Windows and Office
    8. Ensure all AVD hosts have the latest cumulative updates for Windows 10 22H2. Some builds have known TLS bugs that are patched in later updates.
    9. Reset WinHTTP and Schannel Settings
    10. Clear Office Sign-in Cache / Credentials
    11. Lastly, Rebuild or Redeploy the Host Pool Image                                                                                                          . If the issue persists, then let me know your current patch level and how Office is deployed.
  • Kidd_Ip's avatar
    Kidd_Ip
    MVP
    May 29, 2025

    Take this:

     

    1. Enable TLS 1.2 & 1.3 in Windows Settings

      • Open Internet Options (inetcpl.cpl in Run).
      • Go to the Advanced tab.
      • Ensure TLS 1.2 and TLS 1.3 are checked.
      • Restart the AVD host.

     

    2. Modify TLS Registry Settings

    reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" /v "DisabledByDefault" /t REG_DWORD /d "0" /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client" /v "Enabled" /t REG_DWORD /d "1" /f
      • Restart the AVD host after applying changes.

     

    3. Check for Windows & Office Updates

      • Ensure Windows 10 22H2 is fully updated.
      • Update Office 365 apps via winget upgrade --all.

     

    4. Verify Microsoft Entra ID Authentication

      • If users are stuck in a sign-in loop, check Microsoft Entra ID conditional access policies.
      • Ensure modern authentication is enabled for OneDrive & Outlook.

    5. Reset OneDrive & Outlook Credentials

    cmd /c "echo y | del %localappdata%\Microsoft\OneDrive\settings\Business1"
      • Restart OneDrive and Outlook.

Resources