Share via

"Windows needs your current credentials..." notification after converting users to Cloud only

Mike Gaum 45 Reputation points
2024-07-24T19:41:20.3033333+00:00

We're getting rid of our local Active Directory soon and started converting On-premises synced users to Cloud only users.

I believe there are 2 ways of doing this and we chose the less recommended one by Microsoft for testing purposes since it doesn't affect all users at once.

Instead of disabling the sync between Active Directory and Entra ID, we do the following :

  1. Unsync the user in Active Directory (this deletes the user in Entra ID).
  2. Restore the user in Entra ID (takes about 15 minutes for everything to go back to normal for the user).

The following notification error started appearing from time to time on our devices :"Windows needs your current credentials. Please lock this computer, then unlock it using your most recent password or smart card."

  • The devices are exclusively joined to Entra ID / Intune.
  • The devices are not necessarily on the same network as the Active Directory.

What we tried (without success) :

  • Cleared the Credential Manager on the devices.
  • Created the following Configuration Profile in Intune :
    OMA-URI: ./Device/Vendor/MSFT/PassportForWork/
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,630 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,189 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Crystal-MSFT 49,346 Reputation points Microsoft Vendor
    2024-07-25T01:52:27.0333333+00:00

    @Mike Gaum, Thanks for posting in Q&A. For the users converting I am not familiar, but from Intune side, if it is enrolled before I think the device is Microsoft Entra Hybrid joined. To change to Microsoft Entra join, I think we need to unenroll the device and enroll again with other enrollment method like Windows Autopilot Microsoft Entra join, Automatic enrollment+ Microsoft Entra join method

    https://learn.microsoft.com/en-us/mem/intune/fundamentals/deployment-guide-enrollment-windows

    Hope the above information can give you some help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.