How to make Skype for Business and OneDrive automatically insert credentials on launch ?

Copper Contributor
We have a client, that wants new users to sign in to a domain joined computer and automatically get signed in to Outlook, Skype for Business and OneDrive.

Now the client has an on-premise Active Directory which is synced with AAD Connect to Office 365. So desktop applications are Office 365.

 

Now, I have configured Seamless Single Sign On feature and configure modern authentications, pushed intranet sites with GPO.

This has solved half of the issue, now the users don't have to enter their password, only email.

But Outlook and Teams for example already automatically get their email address entered into Sign in Address bars, that can't be said for Skype for Business and OneDrive though, I still need to manually enter email addresses there and let sSSO do it's work.

 

Now my question is this, is it possible to make it so, that all of the remaining applications (Skype for Business and OneDrive) would automatically insert user's email address into Sign in Address (or email address, or user name, etc.) on first launch?

7 Replies
Assuming the login's match the on-prem domain login and suffix to the UPN in office 365?

Couple things to check. You need to make sure Modern Auth. is enabled for Office 365:
http://aka.ms/EXOModernAuth
https://aka.ms/SkypeModernAuth

Once that's going it usually makes the experience much better and pass between apps. But be weary thou, if the org is large it could create an influx of tickets because it usually makes people reauth. But if they are all on-prem it's usually seamless, we only had issues when turning on Modern Auth and azure joined.

This is step one if it's not enabled. check that then report back, but usually this will help out.

OneDrive needs a GPO/Reg key for this. Download the ADMX and toggle the "Silently configure OneDrive using Windows 10 or domain credentials" setting or configure the following key: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\OneDrive] “SilentAccountConfig”=dword:00000001


SfB shouldn't need a separate setting, but make sure the user's attributes are correctly configured (msRTCSIP-PrimaryUserAddress matches the UPN, etc).

@Chris Webb 

 

Modern Auth are both enabled on Exchange and S4B

Primary User Address matches UPN, but proxyAddress field is empty, I've read that you need SIP addresses there, but I haven't found how to populate them automatically. Unless there is another way
You said you setup seamless sso? They shouldn’t have to enter their email when signing in. Can you sign directly to office 365 via browser and you have to put in your email? If that’s the case seems that logins and UPNs aren’t matched up with the domain account and what’s in 365?

Is office setup as office pro plus and signed in as the user under office account?
Hmm. Proxy address should be populated but don’t think it’s required. Assume you don’t have onprem exchange then.