Some users intermittenty lose access to Microsoft365 services and store

Alexander Helgesson Bjuvefors 1 Reputation point
2022-07-07T10:30:45.1+00:00

Hi,

So I havn't found an answer to this anywhere online so I am posting it here. Might post in a few other forums as well.

I work with alot of IT-environments utilizing Azure AD and Office365.

In one of the environments we are running about 100 computers all connected to Azure AD, running Intune and Autopilot. All users sign in to their computers using their Azure AD account. This environment has been running fine for over a year. We make very small changes in it and it's all good.

But then a few months back a few users started having an issue with losing connection to Exchange Online from Outlook, stating that it's "trying to connect". We started troubleshooting and noticed that at the same time Microsoft Store didn't work, and the other Office apps (Word, Excel, Powerpoint etc.) lost access to the "connected services" under the Office Account settings.

More information:

  • Onedrive and Teams stays connected (probably since they are using their own credentials or tokens?)
  • This happens just for a few of the users, they are not special in anyway deploymentwise, same licenses as other users and same policies applied from Intune and same computer models as the others.
  • This happens in all networks, not just in the Office.
  • We have been runnings SARA inside the profile, trying to reach Exchange Online and it fails to reach it, just hanging on autodiscover. Although if we run it as admin (another account on the computer it succeeds).
  • We have tried making the user a local admin, the issue persists.
  • We get no sign-in logs in Azure after the connection is lost, so the sign in tries does not reach Azure.
  • We usually solve it by restarting the computer a few times, just rebooting one time does not solve it. Usually after 3-5 reboots everything comes back online...
  • We've tried to repair Office
  • We've tried restarting all or stopping and starting all Microsoft services connected to Office365 or Identity
  • We've deleted the HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity and rebooted the computer, it works fine for a day or two and then the issue comes back.
  • Tried switching one of the users to another computer and after just a day the issue showed up there as well. So we cannot bind it completely to a single device or a single user. (Just tried this once so could have been bad luck?)
  • Tried Autopilot-resetting a device, (clearing the device completely and then the user gets a new local profile on the machine) still waiting to get the results if this solved anything.

I've been running a ticket with Microsoft support for a few days and we are trying to solve this but has not been able to yet.

So a few questions:

  1. Does anyone know where I can read about the exact process that handles the sign-ins for Windows to the Office365 with the connected Azure AD user? I need to know more about the actual processes, services, tokens, certificates used.
    I've read this one, and although it describes a lot it did not help me find a solution for this.
    https://syfuhs.net/how-azure-ad-windows-sign-in-works#:~:text=The%20way%20this%20works%20you,through%20the%20same%20old%20dance.
  2. Anyone has an idea of how to possibly solve this or ran into similar issues?

Kind regards.
Alex

Windows 10 Setup
Windows 10 Setup
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Setup: The procedures involved in preparing a software program or application to operate within a computer or mobile device.
1,903 questions
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,177 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,473 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 39,356 Reputation points
    2022-07-12T07:28:46.723+00:00

    Hi AlexanderHelgesson-3904,

    Yes, you can know exact process that handles the sign-ins for Windows to the Office365 with the connected Azure AD user.:-

    https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins/

    To fix your issue, since Support ticket is already active it will be resolved soon by then you can go to Link I provided to know the process that handles the sign-ins for Windows to the Office365 with the connected Azure AD user. And cross check if all settings related to User Sign-in and access are as per requirements or not.

    ---------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–

    1 person found this answer helpful.
  2. Limitless Technology 39,356 Reputation points
    2022-07-15T14:35:26.83+00:00

    Hi, Alexander. Thank you for your question and reaching out. My name is John and I’d be more than happy to help you with your query.

    I am so sorry about that. I have been through this before so I totally understand where are you coming from.
    I highly suggest you to visit the article that helps me to fix this. You can click

    https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-sign-ins.

    I believe it will be easier for you to check it out on your end since it has images of the steps by step procedure on how to fix this.

    If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.
    Best regards,

    John Marwin G

    0 comments