Oct 11 2021 04:15 PM - edited Oct 11 2021 04:23 PM
Situation:
Problem
The problem is the following:
When a roaming user logs in at a computer for the first time, they can open https://portal.office.com without entering credentials, so SSO is working. Then they open Edge and try to log in using their Azure AD account to set up synchronization. When this succeeds, sync is enabled and favorites in the favorites bar are visible. This also adds a Microsoft account to 'access to work and school' (the local AD is already present). However, more and more users complain that the login button in Edge does nothing (some claim they see the login screen flash very quickly). We have a test lab and replicated the problem. The user logs in with a roaming profile and, when opening Edge, nothing seems to happen when clicking the login button.
Workarounds
We searched the internet and found 2 workarounds:
- Kill all Edge processes, delete the Edge folder in AppData and run Edge in Win7 compatibility mode. Then we get a login screen and can complete login. After this, Edge resets the compatibility mode itself, so when we start Edge the next time it runs normally. Sync is still working.
- Run Edge with the --force-oneauth parameters. This forces the login screen to appear and we can complete the login and sync is enabled. When we close and run Edge without the parameters, sync and login do not work anymore.
We are running a script to automate the first workaround multiple times a day as users are roaming from computer to computer. So we need to fix this instead of applying workarounds. Could the combination of Edge + Azure account and roaming profiles be a problem? And even if it is, how can we fix this?
Additional info
The testlab computer has the following setup:
Windows 10 build 19043
Edge 94.0.992.47
I tried to create a Microsoft ticket, but it seems this needs a paid support contract....
Oct 12 2021 04:06 PM
@pvlier Hello! I'm not sure if you are running into the exact same issue but we had a previous thread on Tech Community which might be similar.
Users had issues with on-premises sync when they were getting implicit sign-in with their MSA or AAD accounts instead. (Edge 86.0.622.58 On-premises Sync Not Working Over VPN With Cached Local Login - Microsoft Tech Comm...). Here is the policy that was created to address the issue: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies#onlyonpremisesimplicitsigninenab...
Let us know if this does not help or your scenario is different. Thanks!
-Kelly
Oct 14 2021 01:05 AM