Forum Discussion
Edge 86.0.622.58 On-premises Sync Not Working Over VPN With Cached Local Login
jdbst56 Hi Joshua! Thanks for reaching out! The Identity Team was looking over your post and it would be helpful to get logs to better understand your specific question/scenario.
Because of the sensitive information/PII that can be in the logs, there are a couple of options:
- File a customer support request You should be able to work with them directly to investigate/resolve your specific issue.
- Submit diagnostic data through our in-browser feedback tool. It's under "..." menu > Help and feedback > Send feedback. You need to turn on "Send diagnostic data" and this should capture all the necessary logs.
If you are planning to use the in-browser feedback tool please get into a clean state and log feedback only after the issue is reproduced. You can get into a clean state by 1) deleting User Data folder before launch OR 2) Create a separate folder and launching edge from command line using --user-data-dir=<that folder>
Additionally, to help the team find your feedback quickly, you can include the string "ForumIdentityOnPremisesVPN" and comment below once you've submitted it.
-Kelly
- jdbst56Nov 09, 2020Brass Contributor
Kelly_Y Hello, I have submitted the logs through the in-browser feedback tool today per your rquest.
- Kelly_YNov 09, 2020Microsoft
jdbst56 Thank you for the feedback! I've located your specific report and routed it to the Identity Team. We will follow up if there is any additional information needed or updates/insights to share.
-Kelly
- Kelly_YNov 09, 2020Microsoft
jdbst56 The team has investigated and can see from the feedback report submitted, on MS Edge launch, the user got signed in with the secondary AAD account on the machine.
ConfigureOnPremisesAccountAutoSignIn policy mentions that MS Edge will give preference to AAD accounts over on-premises account.
Enable the use of Active Directory accounts for automatic sign in if your users' machines are Domain Joined and your environment is not hybrid joined.
The behavior currently being experienced is to be expected and the change to use secondary account was made in MS Edge V86.
The current suggestion from the team is to consider removing the secondary AAD account from machine.
To provide a little more information, we are evaluating/investigating creating a new policy so users will not get implicit sign-in with secondary AAD account if ConfigureOnPremisesAccountAutoSignIn is configured.
bin_da - Please take a look at this post and see if it helps your situation as well.
Thanks!
-Kelly