SSO doesn't work on AZURE AD registered PC

HK G 466 Reputation points

The MS documents state that SSO to cloud resource is a feature of Azure AD registered device. I did the registration and could see the status on the Azure AD portal. However, when I sign-in to the cloud resource, I seemed to have to sign-in individually (Outlook, Onedrive and etc) instead of having the SSO experience. When I checked the device status using dsregcmd, I could see that it is workplacejoined under user state and no in the SSO state.

AzureAdPrt : NO
AzureAdPrtAuthority : NO
EnterprisePrt : NO
EnterprisePrtAuthority : NO

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
14,625 questions
{count} votes

2 answers

Sort by: Most helpful
  1. HK G 466 Reputation points

    Thanks for the reply.

    The web SSO is working as they are all in the same browser. However, not with the desktop clients as I mentioned.

    The PC is Azure AD registered not Azure AD joined and it is Windows 10. I read that all 3 types of devices all support SSO on cloud resources (Azure AD join, Hybrid Azure AD join and Azure AD registered). On the Azure Portal, the device is list as Azure AD registered.

    The device is indeed showing workplacejoined: yes in dsregcmd.

    0 comments No comments

  2. Amit Kumar 1 Reputation point


    In case of Azure AD registered devices AzureAdPrt value will be set to No.

    Make sure the device has a certificate issued from MS-organization-Access under Certificates > Personal. And Event viewer logs on the affected machine are showing success. You can check event viewer logs under "Applications and Services logs > Microsoft > Windows > User Device Registration".

    If you want to test SSO on Azure AD registered device, please open Edge browser and test with either or

    Amit Kumar

    0 comments No comments