Forum Discussion

MarekCmikiewicz's avatar
MarekCmikiewicz
Copper Contributor
Apr 13, 2021

One Drive for business stopped working on Windows 7

Dear Sirs, Looks like One Drive application stopped working on Windows 7. Logging to company account is not possible and I receive error 0x8004de40 Server error: NoTeamSitePermissions Received 403...
OneDrive for Business
EpicTriffid's avatar
EpicTriffid
Copper Contributor
Apr 16, 2021

KyotoUK MarekCmikiewicz 

Hi both,

 

I managed to fix mine shortly after I made this post. Hopefully it works for you.

 

So, it seems that Microsoft accidentally removed support for TLS 1.0 and 1.1 earlier than communicated. While they fixed it, some updates don't seem to have gone through and so they launched a fix for TLS 1.2 that works. My process, in case you get it elsewhere is:
 
1: Uninstall Windows Update KB3140245
2: Download and install Windows Update KB3140245 from here: https://www.catalog.update.microsoft.com/search.aspx?q=kb3140245
3: Restart the machine
4: Download and run the Easy Fix tool located here: https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392#bkmk_easy
5: Make following registry changes (I couldn't find TLS 1.1 or 1.2 in either location so changed the same DWORD key under the SSL 2.0 folder in the same location to 0):
For TLS 1.1

Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.1\Client
DWORD name: DisabledByDefault
DWORD value: 0

For TLS 1.2

Registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client
DWORD name: DisabledByDefault
DWORD value: 0

 
6: Restart machine
7: Try logging in again
popolou's avatar
popolou
Copper Contributor
Apr 26, 2021

EpicTriffid 

 

It seems this page is being cached by Google so am adding to the solution here.

 

I have just had this same issue and what is described above is part of the process. You also need to consider this page where it explains the steps to control which protocols are permitted within Windows 7: -

 

https://support.microsoft.com/en-us/topic/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-winhttp-in-windows-c4bd73d2-31d7-761e-0178-11268bb10392

 

Once you run the Easy Fix Tool, you would want to go back and change the entry in both paths: -

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\DefaultSecureProtocols

and

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp\DefaultSecureProtocols

 

to

aa0

 

As is said in the KB: -

 

By default in Windows, this value is 0x0A0 to enable SSL 3.0 and TLS 1.0 for WinHTTP. The above example keeps these defaults, and also enables TLS 1.1 and TLS 1.2 for WinHTTP. This configuration ensures that the change doesn't break any other application that might still rely on SSL 3.0 or TLS 1.0. You can use the value of 0xA00 to only enable TLS 1.1 and TLS 1.2.
 

Cheers

Pops

  • syl_Ghe's avatar
    syl_Ghe
    Copper Contributor
    May 19, 2021

    popolou Thank you this solved my issue (without having to run the "easyfix" that did not want get installed on my computer.

Resources