How can I suppress the "Use this account everywhere on your device" dialog on first login to O365?

To prevent a device from being registered in Azure AD you must add this registry key 

HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin, "BlockAADWorkplaceJoin"=dword:00000001

Same can be applied via GPO preferences

Source: https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-plan

As I said above, I will not be able to get an OU change for this event, so that is not a useful option.

It seems O365 is not the right product for this need. I will look into non-Microsoft options, maybe LibreOffice or Google Docs since you can't meet this use case - which seems fairly ordinary, honestly.

I am also curious why you were testing a solution for me when I said I could not use it. I will try and be more clear in the future, I am sorry you wasted your time with that.

Hi Cog XVI,

Thanks for your detailed description. This cannot be achieved in Office Deployment Tool but in Group Policy. Steps are:

1.Create a dedicated OU which only contains the computers which you want to suppress the dialog on. In your case the computers the users shared with.

2.Follow the steps in the article I provided to disable the automatic device registration. (Note here the steps here could be different in 2012R2 server, it's WorkPlace Join rather than Device Registration).

3.Link the policy to the OU.

The test in my own lab worked by doing so. Please feel free to let me know how it is going on your side.

Regards,

Leo

Hi Cog XVI,

This feature is formally called Hybrid Azure AD Join (included in Intune plan) and is for joining your on-prem domain joined devices to Azure AD Device Registration Service.

If you'd like to disable it in your organization, there are two available methods by either using GPO or SCCM: https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-control

Also, to check whether a device is Hybrid Azure AD joined,  run dsregcmd /status in advanced cmd: https://docs.microsoft.com/en-us/azure/active-directory/devices/troubleshoot-hybrid-join-windows-current

Please feel free to let me know the outcome.

Have a nice day.

Regards,

Leo

I don't see anything there that is helpful. I do not need to disable it in the organization, I need to disable it on specific machines. I have a special event where users will need to share a Windows profile, but will need to use Word and Excel documents. I need them to be able to sign in and activate Office so it works, but without opening up sharing credentials for email accounts and file access that should not apply to all users, etc.

Getting a group policy change in a large organization for a single even may be technically possible, but realistically it's not going to happen for this event. Server-side changes are not helpful in my scenario. I need something that can be done from the install, to prevent it from asking. I do not see an equivalent setting in the online Office Customization Tool. If it's there, it does not have the same name

I just need activate office applications. Prohibit credential sharing. That's it.

Right now, if a user signs out of Office, and another signs back in the prompt to share comes back, and the user has permission to do it. I need it to suppress that dialog box.