Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Sunday, June 17, 2018 10:24 PM
The clients are running Windows 10 1803 Enterprise with Current Branch Office 365.
The OneDrive client built into Windows 10 1803 is supposed support silent configuration of OneDrive, but it isn't working for us.
We have created a group policy with the setting:
"Silently configure OneDrive using the primary Windows account"
The user is logged into Windows using a Windows domain user account from our local AD. The user account is synced to Office 365. Workstation accounts are not synced out of the local domain.
The user is signed into Office and "Add this account to Windows" was selected and Office 365 is activated.
We also added the registry key HKEY_CURRENT_USER/Software/Microsoft/OneDrive\EnableADAL key set to 1.
We set the maximum size before the user is prompted to choose folders to 10240 and entered the tenant GUID.
We ran RSOP and gpresult to verify the systems was receiving the group policy settings.
Are there any additional settings required to ensure OneDrive configuration is automatic and silent when users sign into Windows 10 workstations joined to our domain?
Is there a log that will list reasons why sign in to OneDrive was not silent?
All replies (10)
Monday, June 18, 2018 9:37 AM
Hi Kalimanne,
Would you mind to share the details about the applied OneDrive settings? On end-user client side, open Registry settings, go to HKLM\SOFTWARE\Policies\Microsoft\OneDrive, share all keys and values listed there to us.
Important: ADAL is now enabled automatically when use "Silently configure OneDrive using Windows 10 or domain credentials" policy or the registry key so you don't have to download and enable it separately.
We can do further analysis and test in our side based on your settings. For more information about Use Group Policy to control OneDrive sync client settings, please read:
https://support.office.com/en-us/article/Use-Group-Policy-to-control-OneDrive-sync-client-settings-0ecb2cf5-8882-42b3-a6e9-be6bda30899c#silentconfig
Best Regards,
Winnie Liang
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Monday, June 18, 2018 4:54 PM
Here is the registry information you asked for.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\OneDrive]
"FilesOnDemandEnabled"=dword:00000001
"SilentAccountConfig"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\OneDrive\DiskSpaceCheckThresholdMB]
"18ccb024-1285-4f62-85fe-84f37911c5d6"="10240
Wednesday, July 11, 2018 11:43 AM
Hi Kalimanne,
I'm writing you as i'm facing the same issue. I don't manage to get the silent configuration of new oneDrive client (18.025.0204) to work.
I've setup the different GPO as you but always getting the Sing In Screen.
One thing i can add is that users are prompted for MFA at first login. Something i don't get is MFA is disabled for my users in the O365 portal.
From what i've read appplications other that web app for O365 require an application password stored in the credential manager of Windows.
All Office 2016 client applications support MFA through the use of the Active Directory Authentication Library (ADAL). This means that app passwords aren't required for Office 2016 clients. However, if you find that this is not the case, make sure your Office 365 subscription is enabled for ADAL. Connect to and run the following command: Get-OrganizationConfig | Format-Table name, *OAuth*
Anyway, if you have any more news regarding this issue please let me know.
Friday, August 24, 2018 10:55 AM
Hello,
I'm also have the same issues.
Please can you advise on what I can do next to get this resolved.
Thanks
Friday, June 7, 2019 7:19 AM
If you want to use Silent Config for One Drive, your device must be joined to the Azure AD domain, not Active Directory. If you want to keep your device joined to an AD domain, you can do a "Hybrid" join where the devices is connected both to Azure AD and Active Directory.
Please refer to:
/en-us/onedrive/use-silent-account-configuration
Under prerequisites it says:
"Before you can enable silent account configuration, you need to join your devices to Azure AD. You can join devices running Windows 10 and Windows Server 2016 directly to Azure AD. "
Regards,
Clint Boessen MVP - Exchange Server, MCSE, MCITPx6, Dip Network Engineering
Blog: http://clintboessen.blogspot.com
Employer: http://avantgardetechnologies.com.au
Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Monday, September 9, 2019 4:52 PM | 1 vote
Per this post, On prem AD/Hybrid domain join should also support silent configuration,
/en-us/onedrive/use-silent-account-configuration
We are also having the problem in silent configuration. The OneDrive client will not sign in automatically.
We have provide the user name then it signs in without giving password (SSO)
Windows 10 1809
OneDrive client version is 19.086.0502.0008 (Enterprise ring)
Device is Hybrid domain joined.
Has anyone seen a workaround for this?
Friday, February 21, 2020 10:16 PM
Same issue here with Windows 10 1903. Device is hybrid joined. All the GPO settings in place. Still have to enter email address into OneDrive, SSO works fine but not silent login.
Friday, March 27, 2020 9:49 AM
What is the output of dsregcmd /status on the affected machine
Wednesday, May 27, 2020 2:21 PM
What am i looking for with this command? i see things like
AzureAdJoined : YES
EnterpriseJoined : NO
a bit further down i see this:
++
| Ngc Prerequisite Check |
++
IsDeviceJoined : YES
IsUserAzureAD : YES
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision
Thursday, July 23, 2020 8:31 PM
Anybody find and answer to this. I am seeing the same thing. One user it work, another it doesn't on the same machine. The only difference is the GPOs that are applied. I can't find a GPO object that would prevent the signing in of OneDrive.