Onedrive silently configuration won't work multiple times

Copper Contributor

Hello everyone,
I encountered an issue with the Silently Sign Users in with Windows Creds. It will work the first time logging into OneDrive on the machine, however, if I were to unlink the account or sign out, the GPO will not run again. I will log out and restart the computer, and the GPO will still not run again.


I found that after this GPO runs, it creates a registry key called "SilentAccountConfig" at the location HKLM\SOFTWARE\Policies\Microsoft\OneDrive. This registry key is set to 1 meaning that it has been completed. I have tried to set the key to 0 and tried deleting it to see if the GPO would run again. It unfortunately does not.

 

Silently configure user accounts
I have followed these steps:

  1. Verify SilentAccountConfig
  2. Unlink all pre-existing Business instances in OneDrive.
  3. Clear the registry of any previous successful Silent Business Config runs:
    1. reg delete HKCU\Software\Microsoft\OneDrive /v SilentBusinessConfigCompleted /f
      reg delete HKCU\Software\Microsoft\OneDrive /v ClientEverSignedIn /f
      reg delete HKCU\Software\Microsoft\OneDrive /v PersonalUnlinkedTimeStamp /f
      reg delete HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp /f
  4. Set the Silent Config policy registry entry (must be run from an administrator CMD window):
    reg add HKLM\SOFTWARE\Policies\Microsoft\OneDrive /v SilentAccountConfig /t REG_DWORD /d 0x1 /f
  5. Sign out of Windows (Ctrl+Alt+Delete Sign out).
  6. Sign in to Windows.
  7. I have ensured that Verify Single Sign On (SSO) is configured.
  8. Remove any OneAuth failure timestamps
    reg query HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp
    reg delete HKCU\Software\Microsoft\OneDrive /v OneAuthUnrecoverableTimestamp /f

None of which seems to work for me.


My question is: how do I allow silently sign into OneDrive GPO to apply every time a user signs into their account. If it does mean I have to run a script to remove/add registry keys to make it work, what would it look like? Any advice would be helpful

2 Replies
I'm struggling with the same problem right now, I'm migrating my entire organization to 365 and I don't understand why but my auto login doesn't work until I delete the keys: Is it some bug in the current build, or simply there is some historical GPO, onedrive version or whatever in the organization? What broke it. I note that syncing to Onedrive has never run in the organization.

"# Remove the SilentBusinessConfigCompleted value
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "SilentBusinessConfigCompleted" -Force

# Remove ClientEverSignedIn value
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "ClientEverSignedIn" -Force

# Remove PersonalUnlinkedTimeStamp value
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "PersonalUnlinkedTimeStamp" -Force

# Remove the value of OneAuthUnrecoverableTimestamp
Remove-ItemProperty -Path "HKCU:\Software\Microsoft\OneDrive" -Name "OneAuthUnrecoverableTimestamp" -Force"