SOLVED

Windows server 2012 R2 -Onedrive sync -Error Code 0x8004de40 when signing in to OneDrive

%3CLINGO-SUB%20id%3D%22lingo-sub-3198595%22%20slang%3D%22en-US%22%3EWindows%20server%202012%20R2%20-Onedrive%20sync%20-Error%20Code%200x8004de40%20when%20signing%20in%20to%20OneDrive%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-3198595%22%20slang%3D%22en-US%22%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EIssue%20%3A%20%3C%2FSTRONG%3E%3C%2FP%3E%3CUL%3E%3CLI%3EOnedrive%20sync%20-Error%20Code%200x8004de40%20when%20signing%20in%20to%20OneDrive%3C%2FLI%3E%3CLI%3EIE%20browser%20cannot%20access%20Microsoft%20office%20365%20websites%3C%2FLI%3E%3C%2FUL%3E%3CP%3E%3CSTRONG%3EError%20screenshot%20%3A%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EOneDrive%3A%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Robin_Poulose_0-1645533773562.jpeg%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F350330iB2229C1DC6B9D7CE%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Robin_Poulose_0-1645533773562.jpeg%22%20alt%3D%22Robin_Poulose_0-1645533773562.jpeg%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIE%20browser%20%3A%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Robin_Poulose_1-1645533773581.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F350331i04C9F3D5A8ACDFB0%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Robin_Poulose_1-1645533773581.png%22%20alt%3D%22Robin_Poulose_1-1645533773581.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EReference%20article%3A%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Ftroubleshoot%2Fadministration%2Ferror-0x8004de40-in-onedrive%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EError%20Code%200x8004de40%20when%20signing%20in%20to%20OneDrive%20-%20SharePoint%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fsupport.microsoft.com%2Fen-us%2Ftopic%2Frc4-cipher-is-no-longer-supported-in-internet-explorer-11-or-microsoft-edge-f8687bc1-1f88-9abe-5c81-b00c26290f36%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ERC4%20cipher%20is%20no%20longer%20supported%20in%20Internet%20Explorer%2011%20or%20Microsoft%20Edge%3C%2FA%3E%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fsocial.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2F54255.troubleshooting-turn-on-tls-1-0-tls-1-1-and-tls-1-2-in-advanced-settings.aspx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3ETroubleshooting%20%3A%20Turn%20on%20TLS%201.0%2C%20TLS%201.1%2C%20and%20TLS%201.2%20in%20advanced%20settings%20-%20TechNet%20Articles%20-%20United%20States%20(English)%20-%20TechNet%20Wiki%20(microsoft.com)%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSTRONG%3EEnvironment%20%3A%20%3C%2FSTRONG%3EWindows%20Server%202012%20R2%3C%2FP%3E%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSTRONG%3ETroubleshooting%20%3A%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3EWe%20have%20tried%20all%20the%20solution%20given%20from%20the%20reference%20article%20but%20still%20IE%20is%20not%20able%20to%20access%20office%20365%20website.%3C%2FP%3E%3CP%3EIn%20the%20Internet%20Properties%20panel%2C%20select%20the%20tab%20%22Advanced%22%2C%20and%20in%20the%20Settings%2C%20Security%20section%20mark%20to%20activate%20the%20boxes%20%5B%22Use%20TLS%201.1%22%2C%20%22Use%20TLS%201.2%22%5D%3C%2FP%3E%3CP%3EAdded%20TLS%201.2%20Registry%20-%20Right-click%20Windows%20button%20and%20select%26nbsp%3B%3CSTRONG%3ERun%3C%2FSTRONG%3E%26nbsp%3BType%20%22%3CSTRONG%3Eregedit%3C%2FSTRONG%3E%22%2C%20and%20click%26nbsp%3B%3CSTRONG%3EOK%3C%2FSTRONG%3E%26nbsp%3BThen%20go%20to%20%22%3CSTRONG%3EComputer%5CHKEY_LOCAL_MACHINE%5CSYSTEM%5CCurrentControlSet%5CControl%5CSecurityProviders%5CSCHANNEL%5CProtocols%3C%2FSTRONG%3E%22%2C%20and%20create%20one%20key%20and%20two%26nbsp%3B%3CSTRONG%3EDWORD(32-bit)%3C%2FSTRONG%3E%26nbsp%3Bvalues%2C%20as%20the%20image%20below%20shows.%3C%2FP%3E%3CP%3Ebeside%20enabling%20TLS%201.0%2C%201.1%20and%201.2%20on%20the%20Browser%20I%20enabled%20TSL%201.0%20for%20Client%20and%20server%20on%20the%20registry.%3C%2FP%3E%3CP%3EHKLM%5CSystem%5CCurrentControlSet%5CControl%5CSecurityProviders%5CSchannel%5CProtocols%5CTLS%201.0%5CClient%26nbsp%3B%20and%20%5CServer.%3C%2FP%3E%3CP%3EThe%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fdownload.microsoft.com%2Fdownload%2F0%2F6%2F5%2F0658B1A7-6D2E-474F-BC2C-D69E5B9E9A68%2FMicrosoftEasyFix51044.msi%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EEasy%20Fix%20Tool%3C%2FA%3E%20is%20out%20dated%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsecurity-updates%2Fsecuritybulletins%2F2015%2Fms15-055%23workarounds%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Edisabling%20DHE%20cipher%20suites%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3C%2FP%3E%3CP%3Ewe%20cannot%20run%20below%20command%20on%20windows%20server%202012%3CBR%20%2F%3EEnable-TlsCipherSuite%20-Name%20%22TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384%22%20-Position%200%3C%2FP%3E%3CP%3Eunable%20to%20check%20%3CSTRONG%3ECheck%20cipher%20suites%20settings%20on%20windows%20server%202012%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSTRONG%3E%26nbsp%3B%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSTRONG%3EReproduce%3A%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%3CSTRONG%3EWe%20can%20reproduce%20the%20behavior%20on%20lab%20windows%20server%202012%20R2%3C%2FSTRONG%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Robin_Poulose_2-1645533773597.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F350332i8D700F772A64B07E%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Robin_Poulose_2-1645533773597.png%22%20alt%3D%22Robin_Poulose_2-1645533773597.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22Robin_Poulose_3-1645533773620.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F350333i8693FC3922495E23%2Fimage-size%2Fmedium%3Fv%3Dv2%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22Robin_Poulose_3-1645533773620.png%22%20alt%3D%22Robin_Poulose_3-1645533773620.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%5BHKEY_LOCAL_MACHINE%5CSOFTWARE%5CMicrosoft%5CWindows%5CCurrentVersion%5CInternet%20Settings%5CWinHttp%5D%3C%2FP%3E%3CP%3E%22DefaultSecureProtocols%22%3Ddword%3A00000a00%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESimilar%20to%20below%20issue%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.reddit.com%2Fr%2Fsysadmin%2Fcomments%2Fngingn%2Fserver_2012r2_onedrive_error_0x8004de40%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.reddit.com%2Fr%2Fsysadmin%2Fcomments%2Fngingn%2Fserver_2012r2_onedrive_error_0x8004de40%2F%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-3198595%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EInternet%20Explorer%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOneDrive%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOneDrive%20App%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Contributor

 

 

 

Issue :

  • Onedrive sync -Error Code 0x8004de40 when signing in to OneDrive
  • IE browser cannot access Microsoft office 365 websites

Error screenshot :

OneDrive:

Robin_Poulose_0-1645533773562.jpeg

 

 

IE browser :

Robin_Poulose_1-1645533773581.png

 

Reference article:

Error Code 0x8004de40 when signing in to OneDrive - SharePoint | Microsoft Docs

RC4 cipher is no longer supported in Internet Explorer 11 or Microsoft Edge

Troubleshooting : Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in advanced settings - TechNet Articles - Un...

 

Environment : Windows Server 2012 R2

 

Troubleshooting :

We have tried all the solution given from the reference article but still IE is not able to access office 365 website.

In the Internet Properties panel, select the tab "Advanced", and in the Settings, Security section mark to activate the boxes ["Use TLS 1.1", "Use TLS 1.2"]

Added TLS 1.2 Registry - Right-click Windows button and select Run Type "regedit", and click OK Then go to "Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols", and create one key and two DWORD(32-bit) values, as the image below shows.

beside enabling TLS 1.0, 1.1 and 1.2 on the Browser I enabled TSL 1.0 for Client and server on the registry.

HKLM\System\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\TLS 1.0\Client  and \Server.

The Easy Fix Tool is out dated

disabling DHE cipher suites

we cannot run below command on windows server 2012
Enable-TlsCipherSuite -Name "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" -Position 0

unable to check Check cipher suites settings on windows server 2012

 

 

Reproduce:

We can reproduce the behavior on lab windows server 2012 R2

 

Robin_Poulose_2-1645533773597.png

 

 

 

 

Robin_Poulose_3-1645533773620.png

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\WinHttp]

"DefaultSecureProtocols"=dword:00000a00

 

 

Similar to below issue:

https://www.reddit.com/r/sysadmin/comments/ngingn/server_2012r2_onedrive_error_0x8004de40/

 

1 Reply
best response confirmed by Robin_Poulose (Contributor)
Solution


Final resolution:

Download IIS Crypto (https://www.nartac.com/Products/IISCrypto/

Add the following Keys to the 1st and 2nd position respectively (they weren't there on 2 servers I've tested so far)

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

Find and move the following keys to the 3rd and 4th position respectively (they are there but not in the right order)

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

Robin_Poulose_2-1645552105793.png

 



Make sure all of the check boxes are selected, press Apply, reboot the server.


 

 


Refernece Blog:https://www.reddit.com/r/sysadmin/comments/ngingn/server_2012r2_onedrive_error_0x8004de40/