This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(163.2, 24%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPS%3C/text%3E%3C/svg%3E)
If I have a AD domain joined Windows 10 22H2 device that is only Entra ID registered then full SSO will never work, but if I configure Azure Seamless SSO the following only works:- Office 365 Apps login (excl. Teams)- Browser SSO such as to https://portal.office.comWhat doesn't work is automatically logging into Teams, where you will always have to authenticate. You also need to enter your password to log in to Edge itself. Is this correct?For the device it doesn't need to be synced to Entra ID using AADConnect?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
@Paul S Just checking in to see if below information was helpful. If you have any further updates on this issue, please feel free to post back.
Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(70.4, 96%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EFA%3C/text%3E%3C/svg%3E)
Hi @Paul S
Thanks for reaching out to Microsoft Q&A.
If your device is registered, and you have an Entra ID account, the device will use an artifact called "PRT" (Primary Refresh Token) for SSO. Since the device is already registered, there's no need to sync it from your onpremises infra. You can definitely enable SSSO on your Entra ID Connect though as it won't do any harm to your current environment.
Let me know if you have any questions.
Thanks,
Fabio
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 83%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENJ%3C/text%3E%3C/svg%3E)
Hi Paul S,
Thank you for posting in the Q&A Forums.
For Seamless SSO to work fully between Windows 10 22H2 AD domain devices and Azure AD, you may want to consider the following:
Ensure that the synchronization between Azure AD and the local AD (if applicable) is configured correctly and that a tool such as AADConnect is used for synchronization.
Check the configuration and policy settings for Teams and Edge browsers to ensure that they support seamless SSO for Azure AD.
Consider using other authentication methods (e.g., OAuth, SAML, etc.) to enhance the SSO experience if needed.
Best regards
NeuviJ
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.
