Forum Discussion
New tab logo - GPO
LBXComputers thanks for checking in! If you're using the Enterprise new tab experience then you can configure your company logo to appear on that page via the online admin center. You can read more about how to do that here: https://docs.microsoft.com/en-us/office365/admin/setup/customize-your-organization-theme?view=o365-worldwide
Please let me know if this is a good solution for you, or additional feedback if not. Thanks!
ChadRoth Is there something that needs to be enabled for the Enterprise experience to show up in Edge? Because i am signed in with a AD account, but i don't have any options in the new tab page.
MicrosoftOliverTeglhus Enterprise new tab experience is only enabled when you sign in with Azure Active Directory (AAD). Is your work account an AAD account, or an AD account? Thanks!
ChadRoth then why the hell does it automatically sign in with the ad\*username* account then... Now it finally works after signing in with my 365 account.
- We are finding that the user signs in automatically with domain\username rather than user@domain.com and you have to create a second profile to get sign in to work and sync to happen.
We are using hybrid ad/aad as we have on premises AD but Office 365 with SSO.LBXComputers You mentioned that your environment is hybrid AD joined and you are yet getting domain/username automatically signed in rather than your AAD account? That's pretty strange and we'd love to work with you to understand why this is happening. The intended behavior is that you should get signed in with your AAD. I'll message your privately to look into this. If anyone else is in this situation, please let me know.
LBXComputers I built a GPO to only allow signins to Edge from certain domains. The end result is that the DOMAIN\User is blocked from being the default profile, and the user can select their Office 365 account as their signed in profile (and therefore sync). With a little work on the GPO, I can probably allow just about everything except domain\user format, so that users can use their personal Microsoft account for a personal profile, in addition to the work one. We have multiple domain names on our email, so I had to use a regex expression as it is to make this work.
But right now, I block auto profile sign-in completely during install, and only allow my end users to sign in with an Office 365 AAD account as their default profile.
The specific GPO I use to accomplish this is "Restrict which accounts can be used as Microsoft Edge primary accounts", mine is set to ".*@(domain1.com|domain2.com|domain3.com)" without the quotes. Some fancy "regex-ing" could probably make this more universal and still block the use of domain\username format, and prevent the AD account from grabbing the default profile.
I also disabled "Configure whether a user always has a default profile automatically signed in with their work or school account" to allow deletion or signing out of the default profile.
ChadRoth it would be nice if Edge were smart enough to not try and use the DOMAIN\User ID as the default profile, since that account can't sync. Since its the default profile, it makes life pretty annoying having to switch profiles all the time. My workaround works great, but most users won't know how to do this.
