Home

Azure AD Seamless SSO and Chrome

%3CLINGO-SUB%20id%3D%22lingo-sub-135461%22%20slang%3D%22en-US%22%3EAzure%20AD%20Seamless%20SSO%20and%20Chrome%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-135461%22%20slang%3D%22en-US%22%3E%3CP%3EWe've%20setup%20Azure%20Seamless%20SSO%20with%20password%20sync.%20We've%20created%20a%20few%20test%20computers%2C%20and%20user%20accounts.%20Outlook%2C%20Skype%20for%20Business%20(prompts%20for%20username%20but%20not%20password)%20IE%2C%20Edge%20work%20well%2C%20Chrome%20does%20not.%20Chrome%20always%20prompts%20for%20username%20and%20password.%3C%2FP%3E%0A%3CP%3EI've%20followed%20all%20steps%20here%2C%20including%20adding%20in%20sites%20to%20local%20intranet%20zone.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnect-sso-quick-start%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconnect%2Factive-directory-aadconnect-sso-quick-start%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-135461%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESSO%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-275945%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Seamless%20SSO%20and%20Chrome%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-275945%22%20slang%3D%22en-US%22%3E%3CP%3ESame%20as%20user%2C%20just%20in%20computer%2C%20Administrative%20Templates%2FGoogle%2FChrome%2F....%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-204798%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Seamless%20SSO%20and%20Chrome%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-204798%22%20slang%3D%22en-US%22%3E%3CP%3EWhat's%20the%20path%20of%20the%20computer%20GPO%3F%3C%2FP%3E%3CBLOCKQUOTE%3E%3CHR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F109083%22%20target%3D%22_blank%22%3E%40Sebastian%20cerazy%3C%2FA%3E%26nbsp%3Bwrote%3A%3CBR%20%2F%3E%3CP%3EHad%20the%20same%20%26amp%3B%20noticed%20that%20my%20Computer%20GPO%20had%20a%20setting%20for%20%3CA%20href%3D%22https%3A%2F%2Fwww.chromium.org%2Fadministrators%2Fpolicy-list-3%23AuthNegotiateDelegateWhitelist%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CFONT%20color%3D%22%230066cc%22%3EAuthNegotiateDelegateWhitelist%3C%2FFONT%3E%3C%2FA%3E%20and%2For%20the%20%3CA%20href%3D%22https%3A%2F%2Fwww.chromium.org%2Fadministrators%2Fpolicy-list-3%23AuthServerWhitelist%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CFONT%20color%3D%22%230066cc%22%3EAuthServerWhitelist%3C%2FFONT%3E%3C%2FA%3E%26nbsp%3B(for%20an%20internal%20server)%3C%2FP%3E%3CP%3EIt%20seems%20that%20this%20was%20used%20BEFORE%2FINSTEAD%20OF%20one%20configured%20in%20User%20GPO%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOnce%20removed%20it%20started%20working%20OK%3C%2FP%3E%3CHR%20%2F%3E%3C%2FBLOCKQUOTE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-145183%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Seamless%20SSO%20and%20Chrome%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-145183%22%20slang%3D%22en-US%22%3E%3CP%3EHad%20the%20same%20%26amp%3B%20noticed%20that%20my%20Computer%20GPO%20had%20a%20setting%20for%20%3CA%20href%3D%22https%3A%2F%2Fwww.chromium.org%2Fadministrators%2Fpolicy-list-3%23AuthNegotiateDelegateWhitelist%22%20data-linktype%3D%22external%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CFONT%20color%3D%22%230066cc%22%3EAuthNegotiateDelegateWhitelist%3C%2FFONT%3E%3C%2FA%3E%20and%2For%20the%20%3CA%20href%3D%22https%3A%2F%2Fwww.chromium.org%2Fadministrators%2Fpolicy-list-3%23AuthServerWhitelist%22%20data-linktype%3D%22external%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CFONT%20color%3D%22%230066cc%22%3EAuthServerWhitelist%3C%2FFONT%3E%3C%2FA%3E%26nbsp%3B(for%20an%20internal%20server)%3C%2FP%3E%0A%3CP%3EIt%20seems%20that%20this%20was%20used%20BEFORE%2FINSTEAD%20OF%20one%20configured%20in%20User%20GPO%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EOnce%20removed%20it%20started%20working%20OK%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-896427%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20Seamless%20SSO%20and%20Chrome%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-896427%22%20slang%3D%22en-US%22%3E%3CP%3Ein%20fact%20i%20have%20the%20same%20issue...%20but%20on%20this%20url%20the%20sso%20works.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fportal.office.com%3Fdomain_hint%3Dcontoso.com%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fportal.office.com%3Fdomain_hint%3Dcontoso.com%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3Ereplace%20contoso.com%20with%20your%20domain%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%3Eregards%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3Edennis%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E
Lynn Towle
Contributor

We've setup Azure Seamless SSO with password sync. We've created a few test computers, and user accounts. Outlook, Skype for Business (prompts for username but not password) IE, Edge work well, Chrome does not. Chrome always prompts for username and password.

I've followed all steps here, including adding in sites to local intranet zone.

 

https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-sso-quic...

4 Replies

Had the same & noticed that my Computer GPO had a setting for AuthNegotiateDelegateWhitelist and/or the AuthServerWhitelist (for an internal server)

It seems that this was used BEFORE/INSTEAD OF one configured in User GPO

 

Once removed it started working OK

What's the path of the computer GPO?


@Sebastian cerazy wrote:

Had the same & noticed that my Computer GPO had a setting for AuthNegotiateDelegateWhitelist and/or the AuthServerWhitelist (for an internal server)

It seems that this was used BEFORE/INSTEAD OF one configured in User GPO

 

Once removed it started working OK


 

Same as user, just in computer, Administrative Templates/Google/Chrome/....

in fact i have the same issue... but on this url the sso works.

 

https://portal.office.com?domain_hint=contoso.com

 

replace contoso.com with your domain

 

regards

dennis

Related Conversations
Tabs and Dark Mode
cjc2112 in Discussions on
35 Replies
Extentions Synchronization
Deleted in Discussions on
3 Replies
flashing a white screen while open new tab
Deleted in Discussions on
14 Replies
Stable version of Edge insider browser
HotCakeX in Discussions on
35 Replies