Forum Discussion

PieterWigleven's avatar
PieterWigleven
Iron Contributor
Apr 07, 2020

Outlook displays "need password" authentication dialog isn't shown on Win10 Enterprise multi-session

Recently issues have been reported related to logon in Office ProPlus on Windows 10 Enterprise multi-session. One specific example is Outlook showing "need password" however the authentication prompt...
werdd's avatar
werdd
Copper Contributor
Sep 29, 2020

Hi Pieter,

 

I'm currently deploying a WVD solution for a client using the Windows 10 Multi-session 1909 + M365 apps marketplace image + FSLogix. Our session hosts are joined to a Windows Server Active Directory Domain running in Azure (IaaS) which is in sync with Azure AD. When Outlook is launched from the desktop for the first time a user is prompted to enter their password instead of SSO. Is this by design? Do we need to Hybrid Azure AD Join our WVD sessions hosts in order to achieve SSO from within the desktop for M365 apps? 

 

Look forward to your response.

  • PieterWigleven's avatar
    PieterWigleven
    Iron Contributor
    Sep 29, 2020

    werdd Yes - for SSO the VM will have to be hybrid Azure AD Joined. Thanks 

    • werdd's avatar
      werdd
      Copper Contributor
      Oct 01, 2020

      Hi Pieter,

       

      We've configured Hybrid Azure AD Joined and now all of our session hosts appear correctly under Azure Active Directory > Devices with the type of 'Hybrid Azure AD joined' and show a date timestamp under the registered column but we're are still experiencing SSO issues when launching any of the desktop Office applications as Teams will show the login page with the users email address and outlook will show a sign in to activate splash screen.

       

      SSO is working via Microsoft Edge for any Office service (OWA/SharePoint). Below is an output of dsregcmd /status from a WVD session host:

       

       

      Update:

       

      Office won't activate on the first run, it requires the application to be closed and then re-opened before the office activation status shows as "Shared Computer Activation" once activation occurs the licensing keys show under %localappdata%\Microsoft\Officce\16.0\Licensing for the user. The policy setting for Use shared computer activation is configured and is present within the registry. 

       

      Once the above is completed subsequent logins are fine for the user.

       

      Are we missing any configuration that would be causing this behaviour?

       

       

      • PieterWigleven's avatar
        PieterWigleven
        Iron Contributor
        Oct 01, 2020

        werdd The Hybrid Azure AD configuration looks good and you should have SSO to specific resources such as portal.office.com. I'm not sure what could cause Outlook to require a restart - it's outside of my expertise area. Do you feel the one-time restart of the program is a viable workaround?

Resources