Forum Discussion

DavidOldershaw's avatar
DavidOldershaw
Copper Contributor
Jan 16, 2020

Sync issues

I can't get sync to work in our Amazon Workspace environment (running Server 2016). Sign in authenticates fine but then I get an error saying "Hmm...we're having trouble verifying your account detail...
DavidOldershaw's avatar
DavidOldershaw
Copper Contributor

Is anyone able to help?

 

Looking at sync-internals I get the following information:

 

Disable Reason: Waiting for sync url

Last token error: EDGE_AUTH_ERROR: 3, 24, 4b0

MNichols's avatar
MNichols
Copper Contributor
Mar 24, 2020

I have this same problem on a Windows Server 2016 RDS session host deployment, we have Azure AD connect with Seamless SSO configured, SSO is working fine for all other Azure AD applications. 

 

You get prompted to sign in, SSO signin appears to be successful, but sync stays in the "setting up sync" phase indefinitely. 

 

This is problematic because favorites are not stored in a part of the roaming profile, so users favorites appear to have been lost from the users' perspective unless the session broker load balancing happens to route them back to the same session host they were logged in to when they created their favorites.

 

 

edge://sync-internals shows:

Summary

Transport StateDisabled
Disable ReasonsWaiting for sync url
Sync Feature Enabledfalse
Setup In Progressfalse
Auth ErrorOK since browser startup
Sync Account TypeAAD

 

Credentials

Requested Token2020-03-24 12:20:00 -04
Received Token Response2020-03-24 12:20:00 -04
Last Token Request ResultOK
Has Tokenfalse
Next Token Request2020-03-24 12:20:07 -04
Last Token ErrorEDGE_AUTH_ERROR: 3, 24, 4b0

 

 

 

 

 

  • DavidOldershaw's avatar
    DavidOldershaw
    Copper Contributor
    Mar 25, 2020

    I haven't been able to resolve the issue. If I sign in using the beta or Dev channel then I the additional error:

     

    "We are unable to verify your account. Please sign in for account_hint"

     

    Most but not all of my users get this error but I can't see any differences.

    • MNichols's avatar
      MNichols
      Copper Contributor
      Mar 25, 2020

      Thanks.

       

      I'm going to open a support case on it, will keep you updated on if I get a resolution.

       

      • MNichols's avatar
        MNichols
        Copper Contributor
        Apr 02, 2020

        I wound up doing various tests.. stand up a new host in it's own collection in an OU where inheritance was blocked to rule out something in group policy breaking it.

         

        I was able to reproduce it with no GPOs linked.

         

        It turned out the culprit was Symantec Endpoint Protection.

        The servers were on the most current version but apparently there is an incompatibility.

         

        After uninstalling Symantec Endpoint Protection it works fine. 

         

Resources