Forum Discussion
Single Sign On to Teams
Thanks for this!
That was the guide I used, I have everything set as it describes but it still doesnt automatically sign in and the tests dont seem to work.
I can figure out what I have missed
If I turn off multi factor authentication, it does login automatically, although in the logs there does seem to be some errors relating to SSO
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- warning -- SSO: ssoerr - (status) Unable to get errCode. Err:Error
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- event -- Microsoft_ADAL_api_id: 13, Microsoft_ADAL_correlationId: 09844004-31fd-46c4-8004-6262138bb32d, Microsoft_ADAL_response_rtime: 2180, Microsoft_ADAL_api_error_code: caa10001, vdiMode: 2022, eventpdclevel: 2,
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- warning -- SSO: ssoerr - (status) Unable to get errCode. Err:Error
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- SSO: SSO requires credential. Status: caa10001. Attempting windows auth.
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- SSO requires credential. Status: caa10001. Attempting windows auth. diag:1
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- event -- status: success, scenario: 5c687ae7-55d2-4cad-9e30-22fa2521842a, scenarioName: desktop_wia, name: desktop_wia, step: start, sequence: 0, delta: 0, scenarioDelta: 0, elapsed: 4396, stepDelta: 0, vdiMode: 2022, eventpdclevel: 2, Scenario.Name: desktop_wia, Scenario.Step: start, Scenario.Status: success,
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- event -- status: success, scenario: 5c687ae7-55d2-4cad-9e30-22fa2521842a, scenarioName: desktop_wia, name: desktop_wia, step: stop, sequence: 1, delta: 676, scenarioDelta: 676, elapsed: 5072, stepDelta: 676, vdiMode: 2022, eventpdclevel: 2, Scenario.Name: desktop_wia, Scenario.Step: stop, Scenario.Status: success,
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- SSO requires credential. Status: caa10001. Windows auth. diag:1
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- SSO: SSO requires credential. Status: caa10001. Windows auth.
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- event -- Microsoft_ADAL_api_id: 13, Microsoft_ADAL_correlationId: b62f1f62-b4a6-45c3-9675-96598bbf28e6, Microsoft_ADAL_response_rtime: 16, Microsoft_ADAL_api_error_code: 0, vdiMode: 2022, eventpdclevel: 2,
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- Hold tight! We're getting you connected. diag:0
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- adalsso:statusChanged to: Hold tight! We're getting you connected.
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- Login successful, fetching tokens. diag:1
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- SSO: Login successful, correlationId:b62f1f62-b4a6-45c3-9675-96598bbf28e6
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- Hold tight! We're getting you connected. diag:0
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- adalsso:statusChanged to: Hold tight! We're getting you connected.
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- https://api.spaces.skype.com completed with status . Proceeding to fetch id_token. Should be silent. diag:1
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- SSO: https://api.spaces.skype.com completed
with status . Proceeding to fetch id_token. Should be silent.
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- AuthStateService: nativeWamEnabled:false
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- Upn silent sign is successful
Thu May 07 2020 16:48:15 GMT+0100 (British Summer Time) <480> -- info -- Feature disabled enableUpnSilentSignin
Thu May 07 2020 16:48:16 GMT+0100 (British Summer Time) <480> -- event -- Microsoft_ADAL_api_id: 13, Microsoft_ADAL_correlationId: 9db3fa58-e6b8-452d-b443-88c448e689e5, Microsoft_ADAL_response_rtime: 292, Microsoft_ADAL_api_error_code: 0, vdiMode: 2022, eventpdclevel: 2,
Thu May 07 2020 16:48:16 GMT+0100 (British Summer Time) <480> -- info -- Hold tight! We're getting you connected. diag:0
Thu May 07 2020 16:48:16 GMT+0100 (British Summer Time) <480> -- info -- adalsso:statusChanged to: Hold tight! We're getting you connected.
Thu May 07 2020 16:48:16 GMT+0100 (British Summer Time) <480> -- info -- Login successful, fetching tokens. diag:1
Thu May 07 2020 16:48:16 GMT+0100 (British Summer Time) <480> -- info -- SSO: Login successful, correlationId:9db3fa58-e6b8-452d-b443-88c448e689e5How was MFA applied before you turned it off? Was it directly assigned or assigned via Conditional Access?
Where did trusted IPs goto?
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips
Yes everything is as it says in the guide.
In the Teams logs I've noticed the error code 4c7.
I think it explains it here - https://appuals.com/microsoft-teams-connection-issues/
We do have an AD FS server (on Server 2012 R2) for a couple of other things.
I've followed the steps but it hasnt worked yet!
Thanks for your help 🙂