Forum Discussion
Outlook displays "need password" authentication dialog isn't shown on Win10 Enterprise multi-session
Hi Pieter,
I'm currently deploying a WVD solution for a client using the Windows 10 Multi-session 1909 + M365 apps marketplace image + FSLogix. Our session hosts are joined to a Windows Server Active Directory Domain running in Azure (IaaS) which is in sync with Azure AD. When Outlook is launched from the desktop for the first time a user is prompted to enter their password instead of SSO. Is this by design? Do we need to Hybrid Azure AD Join our WVD sessions hosts in order to achieve SSO from within the desktop for M365 apps?
Look forward to your response.
- PieterWiglevenSep 29, 2020Former Employee
werdd Yes - for SSO the VM will have to be hybrid Azure AD Joined. Thanks
- werddOct 01, 2020Copper Contributor
Hi Pieter,
We've configured Hybrid Azure AD Joined and now all of our session hosts appear correctly under Azure Active Directory > Devices with the type of 'Hybrid Azure AD joined' and show a date timestamp under the registered column but we're are still experiencing SSO issues when launching any of the desktop Office applications as Teams will show the login page with the users email address and outlook will show a sign in to activate splash screen.
SSO is working via Microsoft Edge for any Office service (OWA/SharePoint). Below is an output of dsregcmd /status from a WVD session host:
Update:
Office won't activate on the first run, it requires the application to be closed and then re-opened before the office activation status shows as "Shared Computer Activation" once activation occurs the licensing keys show under %localappdata%\Microsoft\Officce\16.0\Licensing for the user. The policy setting for Use shared computer activation is configured and is present within the registry.
Once the above is completed subsequent logins are fine for the user.
Are we missing any configuration that would be causing this behaviour?
- PieterWiglevenOct 01, 2020Former Employee
werdd The Hybrid Azure AD configuration looks good and you should have SSO to specific resources such as portal.office.com. I'm not sure what could cause Outlook to require a restart - it's outside of my expertise area. Do you feel the one-time restart of the program is a viable workaround?