This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 97%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
We have successfully enabled seamless SSO in our Active Directory - Microsoft Entra ID environment by following Microsoft's quickstart guide (https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-sso-quick-start) and tested it by browsing to https://myapps.microsoft.com/ourdomain.onmicrosoft.com. Test was successful and we are automatically logged in.
The problem we actually have is that we can't auto sign on Microsoft Teams or any other office desktop apps (Word, Excel...).
Speaking about Teams, we've installed it by downloading teamsbootstrapper.exe (https://go.microsoft.com/fwlink/?linkid=2243204&clcid=0x409) and running .\teamsbootstrapper.exe -p. Teams successfully opens but it always prompts for user and password.
When it comes to Word or any other office desktop app, we actually see user's information in the top right corner of Word's starting page, and when we browse into Open from OneDrive, we can click the "Sign on" button. Once we've clicked it, we get prompted to select an account to log into OneDrive and we select current logged in user's account, but the prompt just closes and nothing happens.
Things that we already did/check:
Our machines are running:
Thanks beforehand!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hi @DavidM
According to our official documentation, please check if these are the issues you are encountering:
https://autologon.microsoftazuread-sso.com) to the Trusted sites zone instead of the Local intranet zone blocks users from signing in.Your issue is likely related to enabling Seamless SSO. In order to better help you, I will add Azure-related tags to your post. Thanks for your understanding and patience!
Hey @Anonymous !
I'll answer step by step so I don't miss out any of the issues you relate:
Feature was enabled for a long period of time but noe we are testing issues due to our users reporting us that they are not auto-signed in
Didnt disable/re-enable
Ok.
We do not use OneDrive client in out environment. Anyway, we enabled that regkey mentioned "SilentAccountConfig" but still doesn't work.
Not the problem
Not the problem
Not the problem
Not the problem
Test users currently have arrount 10-15 groups. Do not consider that to be "too many groups".
Not our case, only 2 forests.
https://autologon.microsoftazuread-sso.com) to the Trusted sites zone instead of the Local intranet zone blocks users from signing in.Done.
As you can see, any of these issues are our current problem. Our issue persists, we can't auto signin Teams or Word's OneDrive storage.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 2%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)
Hi David,
I have the absolute same behavior currently too. Did you find anything out in the meantime? Please let me know. If not, I will investigate further too and would let you know, if I come to a solution.
André
I personally recommend you do not enable Seamless SSO:
https://trustedsec.com/blog/azure-ad-kerberos-tickets-pivoting-to-the-cloud