Forum Discussion

EricStarker's avatar
EricStarker
Former Employee
Nov 15, 2017

The new Azure AD sign-in and “Keep me signed in” experiences rolling out now!

We're excited to announce that the general availability rollout of the new Azure AD sign-in and “Keep me signed in” experiences has started! These experiences should reach all users globally by the e...
Azure Active Directory (AAD)
Bernd Verhofstadt's avatar
Bernd Verhofstadt
Iron Contributor
Nov 21, 2017

Hi Kelvin Xia,

I did some additional tests on the SSO experience. When I delete my cookies and open a mapped sharepoint webdav connection I cannot load it which is expected (cookie is removed). When I open the sharepoint tenant url I get logged in through SSO and most of the time the magical cookie is created. When the cookie is created I'm able to open the webdav connection. For other users (same permission etc) they get a sign in screen where they need to enter there username. then they are redirected to the homepage but they are not able to open the webdav connection.

Eddy Verbeemen please correct me if I'm wrong :-) 

VasilMichev few years ago we used the smartlinks to enforce the 'keep me signed in'. At a certain moment this was not longer working and we went back to the default login where we could choose to 'keep me signed in'.
It seems that there is a different between SSO where a prompt is shown for a username and no prompt is shown...
Cheers
Bernd

Jason Oliphant's avatar
Jason Oliphant
Copper Contributor
Dec 04, 2017

Bernd,

We are seeing this issue as well when we try to map a users onedrive.  Have you found a fix yet?

Jason

  • Kelvin Xia's avatar
    Kelvin Xia
    Icon for Microsoft rankMicrosoft
    Dec 14, 2017
    Hi Jason,

    are you still seeing issues, if you are, can you please DM me your email address and I'll contact you to get more information to troubleshoot the problem.
  • paul mitchell's avatar
    paul mitchell
    Brass Contributor
    Dec 14, 2017

    We don't use ADFS but we have AD Connect, is there any reason why we are not seeing the new KMSI experience?  It is very hard to keep users informed IF we rely on the roll out dates suggested by Microsoft. 

    • Kelvin Xia's avatar
      Kelvin Xia
      Icon for Microsoft rankMicrosoft
      Dec 14, 2017
      Hi Paul,

      This new KMSI experience is completely rolled out now for a few weeks. We added some logic to hide the prompt if we detect that the login session is risky, if it's a shared machine or if SSO is set up. Can you please try logging in on an in-private/incognito browser and see if the prompt shows?
      • VasilMichev's avatar
        VasilMichev
        MVP
        Dec 18, 2017

        Kelvin Xia what exactly does the "shared machine" logic cover? I stopped receiving the KMSI prompt on my personal PC, which is pretty much the most secure machine I use (even added as trusted IP), and since I'm not using any form of SSO for said account, that only leaves the "shared machine" scenario? On the same machine, another user from the same tenant is getting the KMSI prompt...

Resources