Forum Discussion
Onedrive silently configuration won't work multiple times
Hello everyone,
I encountered an issue with the Silently Sign Users in with Windows Creds. It will work the first time logging into OneDrive on the machine, however, if I were to unlink the account or sign out, the GPO will not run again. I will log out and restart the computer, and the GPO will still not run again.
I found that after this GPO runs, it creates a registry key called "SilentAccountConfig" at the location HKLM\SOFTWARE\Policies\Microsoft\OneDrive. This registry key is set to 1 meaning that it has been completed. I have tried to set the key to 0 and tried deleting it to see if the GPO would run again. It unfortunately does not.
Silently configure user accounts
I have followed these steps:
- Verify SilentAccountConfig
- Unlink all pre-existing Business instances in OneDrive.
- Clear the registry of any previous successful Silent Business Config runs:
reg delete HKCU\Software\Microsoft\OneDrive /v SilentBusinessConfigCompleted /f reg delete HKCU\Software\Microsoft\OneDrive /v ClientEverSignedIn /f reg delete HKCU\Software\Microsoft\OneDrive /v PersonalUnlinkedTimeStamp /f reg delete HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp /f
- Set the Silent Config policy registry entry (must be run from an administrator CMD window):
reg add HKLM\SOFTWARE\Policies\Microsoft\OneDrive /v SilentAccountConfig /t REG_DWORD /d 0x1 /f - Sign out of Windows (Ctrl+Alt+Delete Sign out).
- Sign in to Windows.
- I have ensured that Verify Single Sign On (SSO) is configured.
- Remove any OneAuth failure timestamps
reg query HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp
reg delete HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp /f
None of which seems to work for me.
My question is: how do I allow silently sign into OneDrive GPO to apply every time a user signs into their account. If it does mean I have to run a script to remove/add registry keys to make it work, what would it look like? Any advice would be helpful
- filipkohoutCopper ContributorI'm struggling with the same problem right now, I'm migrating my entire organization to 365 and I don't understand why but my auto login doesn't work until I delete the keys: Is it some bug in the current build, or simply there is some historical GPO, onedrive version or whatever in the organization? What broke it. I note that syncing to Onedrive has never run in the organization.
"# Remove the SilentBusinessConfigCompleted value
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "SilentBusinessConfigCompleted" -Force
# Remove ClientEverSignedIn value
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "ClientEverSignedIn" -Force
# Remove PersonalUnlinkedTimeStamp value
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "PersonalUnlinkedTimeStamp" -Force
# Remove the value of OneAuthUnrecoverableTimestamp
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "OneAuthUnrecoverableTimestamp" -Force"- shockoSteel ContributorMFA enabled?