Forum Discussion

nickgiese's avatar
nickgiese
Copper Contributor
May 09, 2024

Onedrive silently configuration won't work multiple times

Hello everyone,
I encountered an issue with the Silently Sign Users in with Windows Creds. It will work the first time logging into OneDrive on the machine, however, if I were to unlink the account or sign out, the GPO will not run again. I will log out and restart the computer, and the GPO will still not run again.


I found that after this GPO runs, it creates a registry key called "SilentAccountConfig" at the location HKLM\SOFTWARE\Policies\Microsoft\OneDrive. This registry key is set to 1 meaning that it has been completed. I have tried to set the key to 0 and tried deleting it to see if the GPO would run again. It unfortunately does not.

 

Silently configure user accounts
I have followed these steps:

  1. Verify SilentAccountConfig
  2. Unlink all pre-existing Business instances in OneDrive.
  3. Clear the registry of any previous successful Silent Business Config runs:
    1. reg delete HKCU\Software\Microsoft\OneDrive /v SilentBusinessConfigCompleted /f
      reg delete HKCU\Software\Microsoft\OneDrive /v ClientEverSignedIn /f
      reg delete HKCU\Software\Microsoft\OneDrive /v PersonalUnlinkedTimeStamp /f
      reg delete HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp /f
  4. Set the Silent Config policy registry entry (must be run from an administrator CMD window):
    reg add HKLM\SOFTWARE\Policies\Microsoft\OneDrive /v SilentAccountConfig /t REG_DWORD /d 0x1 /f
  5. Sign out of Windows (Ctrl+Alt+Delete Sign out).
  6. Sign in to Windows.
  7. I have ensured that Verify Single Sign On (SSO) is configured.
  8. Remove any OneAuth failure timestamps
    reg query HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp
    reg delete HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp /f

None of which seems to work for me.


My question is: how do I allow silently sign into OneDrive GPO to apply every time a user signs into their account. If it does mean I have to run a script to remove/add registry keys to make it work, what would it look like? Any advice would be helpful

  • filipkohout's avatar
    filipkohout
    Copper Contributor
    I'm struggling with the same problem right now, I'm migrating my entire organization to 365 and I don't understand why but my auto login doesn't work until I delete the keys: Is it some bug in the current build, or simply there is some historical GPO, onedrive version or whatever in the organization? What broke it. I note that syncing to Onedrive has never run in the organization.

    "# Remove the SilentBusinessConfigCompleted value
    Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "SilentBusinessConfigCompleted" -Force

    # Remove ClientEverSignedIn value
    Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "ClientEverSignedIn" -Force

    # Remove PersonalUnlinkedTimeStamp value
    Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "PersonalUnlinkedTimeStamp" -Force

    # Remove the value of OneAuthUnrecoverableTimestamp
    Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "OneAuthUnrecoverableTimestamp" -Force"

Resources