Starting a few days ago, our Office 2013 users started reporting issues opening documents on SP en OneDrive. The version of Office 2013 is Professional Plus 15.0.4420.1017 (so it is not suitable for modern authantication).
A message pops up requesting to log in to open the document, but login fails. The user is properly logged in to Office.
We found that an entry in the credential manager is missing, and is not created automatically.
The only fix we have found so far is to manually create the entry in the credential manager.
We use ADFS and AADSync.
The issue is currently not present on Office 2016.
Well as far as I understand the documentation, modern authentication is always enabled by default on SharePoint but not on Exchange and Skype. So far we've never changed this.
Luckily it doesn't happen on all our installation. The only change on our side was a GPO for setting the trusted sites. Could a change in trusted sites result in credentials being revoked from the credential manager?
We now think that there are two issues playing, the first being stored credentials being revoked, the second issue not being redirected to our ADFS when presented with an authentication dialog through Word.
Only way I can think of trusted sites change would be if this change meant that you moved the site in or out of being able to do SSO (using same as with the Intranet Zone). Could be other things in there as well as it is a more relaxed security setting.
The ADFS not being presented really sounds like you did move site that previously wasn't doing integrated auth to now trying to do that.
I would recommend installing Fiddler on the box and capture the traffic and perhaps even more importantly connect with our Support team to help you track this down as they know exacatly how to capture the traffic and do the analysis that might take you hours/days.
Hi Bart, were you able to find any resolution to this?
We're experiencing the same issue. Only impacting Office 2013 instances. We've updated the clients to the latest May 2017 updates (15.0.4927.1000).
For some users, simply enabling ADAL by adding the EnableADAL & Version registry keys has resolved. However we still have some users who are receiving the login prompt when attempting to open SharePoint documents or calendars within their local Office clients. They're unable to get past this prompt.
I will try manually adding the credential to their credential manager.
Unforatunely this fix only applies to some of the office products: Excel, Word, PowerPoint, OneNote, InfoPath. It does not resolve the issue for Outlook (with SharePoint calendars) or SharePoint Designer 2013.