Bug? Restrict which accounts can be used as Microsoft Edge primary accounts prevents auto sign-in

Brass Contributor



I just yesterday enabled the "Restrict which accounts can be used as Microsoft Edge primary accounts" in Configuration Profiles and deployed it to my dev machine. I then performed a Wipe from the Intune, relogged in as the dev user, and then started verifying all the profiles I've set up so far properly applied from start to finish. Unfortunately, when I fired of MS Edge, I immediately notice a problem: it did not automatically sign-in and sync like it had been doing. I went back and disabled the "Restrict which accounts can be used as Microsoft Edge primary accounts" and sure enough automatic sign-in and sync started working again. Is this a bug? It seems like it should be. 

6 Replies
Have you put added the domain like the article below? I think if you type edge://policy in the address bar it would show.


Yep. Did that. And it correctly shows up on the edge://policy page. I also triple checked for typos. It seems that for some reason that policy is breaking my automatic sign and sync policy set up.
Also, I've had someone on Reddit confirm they experienced the same issue.
Hi, one thing I would like to mention is that for some reason domain is case-sensitive.

For some reason if you add domain with upper case, it might create a problem. Now, when your domain is added, please check wording, and then add it like that to your Intune policy.

I hope this helps, I had this same issue, but this was my fix.
I think it was all lowercase. I'll try it again later to see if things still break when I enable this policy.


I'm sure you would have found the resolution to this issue but just to update anyone else who stumbles across this post. I have resolved this after reviewing the following: https://www.inthecloud247.com/block-personal-accounts-from-syncing-in-microsoft-edge-with-microsoft-... and https://admx.help/?Category=EdgeChromium&Policy=Microsoft.Policies.Edge::RestrictSigninToPattern&Lan...

This policy uses a regular expression rule so needs to include the preceding dot(.). This needs to be configured as follows: