Forum Discussion
EricStarker
Nov 15, 2017Former Employee
The new Azure AD sign-in and “Keep me signed in” experiences rolling out now!
We're excited to announce that the general availability rollout of the new Azure AD sign-in and “Keep me signed in” experiences has started! These experiences should reach all users globally by the e...
Kelvin Xia
Microsoft
Nov 16, 2017Hey Vasil,
Thanks for the feedback.
For #1: This is by design in the new experience. We had a lot of strong feedback about the old design where we initiated the redirect when focus was lost on the username field. Most users thought that it was unexpected and jarring and did not give them the opportunity to go back and correct typos. We decided to wait to redirect only after the user clicks the Next button. This experience is consistent with almost all other identity systems.
#2: Can you help me understand your scenario where you don't want KMSI to show up in private sessions and why?
Thanks for the feedback.
For #1: This is by design in the new experience. We had a lot of strong feedback about the old design where we initiated the redirect when focus was lost on the username field. Most users thought that it was unexpected and jarring and did not give them the opportunity to go back and correct typos. We decided to wait to redirect only after the user clicks the Next button. This experience is consistent with almost all other identity systems.
#2: Can you help me understand your scenario where you don't want KMSI to show up in private sessions and why?
bart_vermeersch
Nov 17, 2017Steel Contributor
Three remarks on the new experience:
1. Spelling mistake (in Dutch translation, a period in the middle of a sentence)
2. The checkbox in the KMSI dialog is confusing (don't show this again). Does it make me stay logged in even longer when I select Yes and thick the checbox?
3. When I choose "Yes" in my regular browser session, open a private session, enter a different account in the private session. I get logged in with the account of the regular session anyway, no matter the account I filled in. Is this by design?
Thanks!
Bart
- Michael KostuchNov 17, 2017Copper Contributor
We want this turned off, anyone know how?
- Kelvin XiaNov 17, 2017
Microsoft
Hi Michael, you can turn this off by setting "Show option to remain signed in" in Company Branding to "No". Here's the help article for that: https://docs.microsoft.com/en-us/azure/active-directory/customize-branding- Michael KostuchNov 21, 2017Copper Contributor
We had Microsoft turn ours off at the tenant level until a better plan could be put in place. The problem with Company branding is: 1.) It's a global setting 2.) It can affect Sharepoint Online users and Office 2010 users (and we had just moved over 30K sharepoint sites to Sharepoint Online, so I didn't want to interrupt their experience for my experience with Power BI to work, 3.) Even as a global admin, we could not delete the company branding. The delete button would not highlight and we verified our permissions. We could turn it on or off for KMSI, but we could not delete company branding 4.) We found the KMSI box "Don't ask me again doesn't work" either. It only stays for the session, so to the user they think they should never have to see it again. 5.) We were told we could add a parameter to the Web app to turn this off in the code, so we are pursuing this now as our permanent solution, but for now our customers can function again with KMSI.
- VasilMichevNov 17, 2017MVP
What browser are using Bart? What you are describing in scenario 3 shouldn't be happening, unless maybe in federated environment with WIA autologin. Kelvin can correct me here.
- bart_vermeerschNov 17, 2017Steel Contributor
VasilMichev I tried Chrome, we are federated and are using WIA indeed.
We have now removed SSO for Chrome in our ADFS. It is probably not related to the new sign-in, Chrome was added as SSO browser to our ADFS a few days ago.
- Kelvin XiaNov 17, 2017
Microsoft
Yes, that might have been caused by Chrome SSO. Everything we do in the new sign in experience and stay signed in experience are cookie-based, and cookies are not shared across regular and in-private sessions.
Regarding the other two issues you reported:
1. Translation issue - thanks for reporting this. I'll work with our localization team to get that fixed.
2. Checkbox - the checkbox is essentially a no-op when you say Yes since saying Yes means that you won't have to interactively sign in again in the future. It only applies when you say No so we don't nag you.