Forum Discussion
On-premises sync for AD users not working
Hi,
we want to use the On-premises sync of AD users in our enterprise (> 10.000 users).
Unfortunately, it doesn't work. The error message in "edge://sync-internals" is the following:
Error Type: DISABLED_BY_ADMIN
Action: STOP_SYNC_FOR_DISABLED_ACCOUNT
Error Description: Microsoft Information Protection service is disabled
The thing is, the feature used to work back when it was first integrated into Edge. At some point (M86 or M87) it stopped working.
We have configured serveral group policies, including:
RoamingProfileSupportEnabled: 1
RoamingProfileLocation: Path on a network share
ConfigureOnPremisesAccountAutoSignIn: 1
NonRemovableProfileEnabled: 1
ForceSync: 1
I tried installing the Microsoft Azure Information Protection client. Now, Edge sometimes says that sync is enabled, but a profile.pb never gets generated. When I restart the browser, sync is disabled again.
4 Replies
I attached a screenshot of edge://sync-internals
- Kelly_Y
Microsoft
limonjuice Hi! The Sync Team has put together a step-by-step troubleshooting guide for issues.
Specifically for the "DISABLED_BY_ADMIN" error you are seeing, please see the following: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-troubleshoot-enterprise-sync#issue-sync-is-not-available-for-this-account
Thanks!
-Kelly
- Hi, thanks for the reply. We found the issue (my user account was not enabled for MIP use).
