Forum Discussion
Tomnibus_MedOne
Apr 26, 2021, Copper Contributor
OneDrive gets set up, then complains on second login.
Wasn't sure how to write the subject line. My OneDrive policies are set up to auto-login the user and then configure known folders. That all works great on first login. Then, when you log out and...
Apr 27, 2021
Hi,
Just a few questions. Without some background info, it's hard to troubleshoot the problem. If you could share the answers. Thanks
* When you press "OK", is everything working like you expected?
* Are you seeing any errors in the Azure AD sign-in log?
* Does this problem occur on all devices, and what happens when you enroll a new device?
You are mentioning ONLY the second login, so I guess you tested it with new devices?
* Are there conditional access rules in place? Like blocking legacy auth etc.?
* Is SSO working on other apps, like Teams? dsregcmd /status to check PRT
* Are there any weird accounts added in the Windows settings / accounts / Credential Manager?
* What happens if you change 1 setting at a time to not configured? Like the move KFM?
* Are the devices Azure AD joined or hybrid (maybe some domain GPOs conflicting)?
* Are there any weird errors in the AppData\Local\Microsoft\OneDrive\logs?
* Does OneDrive use modern auth? Maybe the first time it uses legacy, the second time modern, or the reverse?
Tomnibus_MedOne
Apr 27, 2021, Copper Contributor
After pressing OK, yes, it logs in without a prompt.
There are no errors or CA failures in the Sign-in Log.
It occurs on all devices regardless of who logs in.
I test it with new and existing devices. Although, I'm new to Azure/Intune so most devices are new.
There are conditional access rules but it happens regardless of CA rules. Most of the time I'm on a trusted network so they do not apply.
All other apps work fine including Teams. They just log in.
I'm not sure about weird accounts. I will have to look. I know first login, the user is always set up right because their desktop/documents/pictures files sync.
I will have to do testing with changing one setting at a time. It will affect a lot of people and I have to log in with a new account every time to test it out.
Devices are Azure AD Joined, not hybrid.
I have no idea how to read any of the files in that log. Lots of strange stuff.
I don't know if it uses Modern Auth or not. I would like it to, so if there is a way to force that, great. This may be the issue. I don't know.
- Apr 27, 2021
  With conditional access you can block legacy auth.
  For OneDrive:
  HKEY_CURRENT_USER\Software\Microsoft\OneDrive\EnableADAL dword value: 2
  To determine if some policies are the cause... it depends on your assignment. Did you target all devices or all users? When you targeted all users, you could create 1 group with one user in it and make sure you exclude this group so you can test it out with 1 user on one test device.
- Tomnibus_MedOne, Apr 28, 2021, Copper Contributor
  I guess my question is: why would it not use Modern Authentication? Is there a reason it wouldn't use it even if the registry value isn't there?
- Apr 29, 2021
  Hi,
  Normally it would use modern auth, but I have seen it happen a couple of times some time ago...
  https://support.microsoft.com/en-gb/office/error-code-0x8004deb4-when-signing-in-to-onedrive-e8a8d97c-a87e-4dda-a67e-bae4fef05dcb?ui=en-US&rs=en-GB&ad=GB
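
An added example, not part of the thread or written by any of its participants: a PowerShell snippet that gathers, in one pass, the device facts the replies ask about (join type and PRT state from `dsregcmd /status`, the `EnableADAL` value, and the newest OneDrive log files). It assumes `EnableADAL` is a value under the `HKCU:\Software\Microsoft\OneDrive` key, as the reply above reads, and that it is run in the affected user's own session; the function name and the sample output are constructed for illustration.

```powershell
# Added example (not from the thread). Run as the signed-in user: the PRT and HKCU are per-user.

function ConvertFrom-DsregStatus {
    param([string[]]$Lines)
    # dsregcmd /status prints "Name : Value" pairs; keep only the fields asked about above.
    $wanted = 'AzureAdJoined', 'DomainJoined', 'AzureAdPrt'
    $result = [ordered]@{}
    foreach ($line in $Lines) {
        if ($line -match '^\s*(\w+)\s*:\s*(.+?)\s*$' -and $wanted -contains $Matches[1]) {
            $result[$Matches[1]] = $Matches[2]
        }
    }
    [pscustomobject]$result
}

# Constructed sample output, used only when dsregcmd.exe is not available.
$sample = @'
             AzureAdJoined : YES
              DomainJoined : NO
                AzureAdPrt : YES
'@ -split "`r?`n"

$raw = if (Get-Command dsregcmd.exe -ErrorAction SilentlyContinue) { dsregcmd.exe /status } else { $sample }
$status = ConvertFrom-DsregStatus -Lines $raw

# Registry value named in the thread; $null means it was never set for this user.
$adal = (Get-ItemProperty -Path 'HKCU:\Software\Microsoft\OneDrive' -Name EnableADAL `
         -ErrorAction SilentlyContinue).EnableADAL

# Newest files under the log folder mentioned in the thread.
$logDir = Join-Path $env:LOCALAPPDATA 'Microsoft\OneDrive\logs'
$logs = if (Test-Path $logDir) {
    Get-ChildItem $logDir -Recurse -File |
        Sort-Object LastWriteTime -Descending |
        Select-Object -First 5 -ExpandProperty FullName
}

[pscustomobject]@{
    AzureAdJoined = $status.AzureAdJoined
    DomainJoined  = $status.DomainJoined
    AzureAdPrt    = $status.AzureAdPrt
    EnableADAL    = if ($null -eq $adal) { '(not set)' } else { $adal }
    RecentLogs    = $logs -join "`n"
} | Format-List
```

Capturing this output once after the first sign-in and again after the second gives a direct before/after comparison of PRT state and the registry value.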