09-14-2020 07:56 AM
09-14-2020 07:56 AM
I am trying to figure out an issue with MS Teams, and not having much luck, so I'm wondering if anyone else has encountered this before.
We have a shared PC in a conference room that people will use to log into a shared user account, and then into their personal Teams account during their meeting. The problem is that some users' accounts seem to be cached on the PC, and all you need to do to log into their account is enter their email, no password required.
I have tried the following, with no luck so far:
I finally reimaged the computer I was testing on, which of course fixed the issue, but there has to be a less invasive solution that I just haven't found yet.
Thanks in advance.
09-15-2020 02:17 AM
@awarwick Hello, you can prevent the pre-population of the UPN with a registry key.
09-21-2020 07:11 AM
@bec064 This does not actually solve the problem I mentioned, it only prevents Teams from auto-populating the username.
Through a little bit more testing, I've narrowed it down a little farther. It as long as I click on "No, sign in to this app only" on the attached image, my login is not remembered and I need to enter a password every time I log in. However, as soon as I click OK in this window, whether the "Allow my organization to manage my device" checkbox is checked or not, my password is saved on this Teams login going forward, and there's no way to reverse it short of fully reimaging the computer (at least that I have found so far). And until I reimage the PC, anyone can log into my Teams account using only my email address, no password required.
Also note that this is related to our conference room PCs, which use a shared Windows login, so I'm guessing you might not have this issue without shared logins, I just haven't tested that yet since it wouldn't really help our specific scenario.
09-21-2020 07:41 AM
@awarwick Hi, just to be clear as this hasn't been mentioned. Are these users manually signing out from Teams as well? (top right corner). Teams uses modern authentication and the process and different scenarios such as MFA, domain-joined or not etc. are being described in the previous link I attached. Perhaps this is already taken into consideration but need to ask.
09-21-2020 08:16 AM
That's correct. The users will use the logout option in the menu at the top left, but when they go to sign in again, they enter their username, click next, and then are signed in without a password. This behaves the same way after a reboot as well.
The PC is domain joined, and we are starting to implement MFA, but this issue existed before any of our users were setup with MFA.
The link in your first response didn't really help. It seems to describe how it's supposed to work, and by their description it sounds like using the logout function should cause Teams to prompt for a password again, but that's not what we are seeing here. Where I am at so far, even after using the logout function, the PC will never ask for a password for that account again, until the PC is fully reimaged.
09-21-2020 11:20 AM