Forum Discussion
Windows server 2012 R2 -Onedrive sync -Error Code 0x8004de40 when signing in to OneDrive
Issue :
- Onedrive sync -Error Code 0x8004de40 when signing in to OneDrive
- IE browser cannot access Microsoft office 365 websites
Error screenshot :
OneDrive:
IE browser :
Reference article:
https://docs.microsoft.com/en-us/sharepoint/troubleshoot/administration/error-0x8004de40-in-onedrive
https://support.microsoft.com/en-us/topic/rc4-cipher-is-no-longer-supported-in-internet-explorer-11-or-microsoft-edge-f8687bc1-1f88-9abe-5c81-b00c26290f36
https://social.technet.microsoft.com/wiki/contents/articles/54255.troubleshooting-turn-on-tls-1-0-tls-1-1-and-tls-1-2-in-advanced-settings.aspx
Environment : Windows Server 2012 R2
Troubleshooting :
We have tried all the solution given from the reference article but still IE is not able to access office 365 website.
In the Internet Properties panel, select the tab "Advanced", and in the Settings, Security section mark to activate the boxes ["Use TLS 1.1", "Use TLS 1.2"]
Added TLS 1.2 Registry - Right-click Windows button and select Run Type "regedit", and click OK Then go to "Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols", and create one key and two DWORD(32-bit) values, as the image below shows.
beside enabling TLS 1.0, 1.1 and 1.2 on the Browser I enabled TSL 1.0 for Client and server on the registry.
HKLM\System\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\TLS 1.0\Client and \Server.
The https://download.microsoft.com/download/0/6/5/0658B1A7-6D2E-474F-BC2C-D69E5B9E9A68/MicrosoftEasyFix51044.msi is out dated
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-055#workarounds
we cannot run below command on windows server 2012
Enable-TlsCipherSuite -Name "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" -Position 0
unable to check Check cipher suites settings on windows server 2012
Reproduce:
We can reproduce the behavior on lab windows server 2012 R2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]
"DefaultSecureProtocols"=dword:00000a00
Similar to below issue:
https://www.reddit.com/r/sysadmin/comments/ngingn/server_2012r2_onedrive_error_0x8004de40/
Final resolution:
Download IIS Crypto (https://www.nartac.com/Products/IISCrypto/
Add the following Keys to the 1st and 2nd position respectively (they weren't there on 2 servers I've tested so far)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Find and move the following keys to the 3rd and 4th position respectively (they are there but not in the right order)
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Make sure all of the check boxes are selected, press Apply, reboot the server.
Refernece Blog:https://www.reddit.com/r/sysadmin/comments/ngingn/server_2012r2_onedrive_error_0x8004de40/
1 Reply
Final resolution:
Download IIS Crypto (https://www.nartac.com/Products/IISCrypto/
Add the following Keys to the 1st and 2nd position respectively (they weren't there on 2 servers I've tested so far)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Find and move the following keys to the 3rd and 4th position respectively (they are there but not in the right order)
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Make sure all of the check boxes are selected, press Apply, reboot the server.
Refernece Blog:https://www.reddit.com/r/sysadmin/comments/ngingn/server_2012r2_onedrive_error_0x8004de40/