We haven't identified WHY it is missing for some user Win10 installs and not others yet. well, it may very well be because this rather critical module is missing. If you are having a lot of end-user support headache because of Office365 quirkiness. it was ALSO just resolved because we fixed this". Just today he IM'd me and said "oh yeah, this other issue we have been trying to fix for weeks on end. Disabling ADAL can "fix" the issue with outlook but in our experience it still left TONS of other stuff broken. It's nuts to me that MS has had this issue for YEARS and has just been duck taping it and moving on. So hopefully the official MS support answer and documentation will change.
#Outlook identity regedit full
As soon as he figured it out he handed the full fix to MS support with all instructions as shown above. We spent ~2 years dealing with this crap.
#Outlook identity regedit windows
He then started digging into Windows and how modern auth works and came across the above fix. Spent weeks with MS support and he got rather irritated when they told him to disable ADAL. That was exactly what happened to my colleague. I pulled all the fix/code from the following article on my blog (my colleague actually figured it all out): I am publishing this fix everywhere I can as we dealt with this frustration for so long and want to make sure anyone digging around for a fix finds it. It has been a silver bullet for every user that have had issues with all kinds of Microsoft apps (Project Online, Outlook, Teams, etc.) and also have had all manner of headache when MFA gets enabled on their accounts. He started deep diving into Modern Auth as the issue (instead of it being outlook or other Office365 Apps) and finally found this solution. We wrestled with this for TWO YEARS at my organization and a colleague of mine got fed up with Microsoft Support when they told him to just disable Modern Auth via that registry entry because doing so means if you want to turn on MFA for users you generally can't because all manner of things will break. I highly recommend NOT just disabling modern authentication using that registry entry because you will have all manner of headache with other Office365 applications. Powershell Remove-ItemProperty -Path "HKCU:\Software\Microsoft\Office\16.0\Common\Identity" -Name "EnableADAL" cmdkey / list | ForEach -Object If anyone else has resolved this issue without using the EnableADAL = 0 fix, how have you done so? How do your clients have to be configured to use modern authentication with ADAL, in regards to protocols or security?Īny insight is welcome! Thanks in advance! I haven't opened a ticket with MS yet but I may if my search does not prove fruitful. Speaking of research, I haven't found much info newer than December 2018. Additionally, we're looking to roll out Duo 2FA to all end users within a year, and while current research shows that the 2FA will continue to work as intended with ADAL/modern authentication disabled, I'm worried that it may break down the line. My main concern is that these dialog boxes may return, prompting further user frustration and possibly generating tickets. It only affects users who have been migrated. We haven't seen this issue arise when a user is on a machine that was originally imaged with Office 365. Information and fixes from Microsoft have been scant as well, outside of the registry key one. This seems to be our most effective fix, and it's the one we arrived at after hours of forum digging and web searches. Once the key is added, and the user restarts Outlook, they receive a legacy authentication dialog box, enter their domain password, and connect to their mailbox without issue. HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity:"EnableADAL"=dword:00000000 Currently, our fix to this has been to add the following registry entry: We can click the "more details" link to see more info about the error, but it tells us nothing specific. We've been experiencing an issue with our Outlook clients after a user is upgraded from Office 2016 Standalone to Office 365 Business: After the click-to-run installer is complete, and often after a reboot, Outlook will show the splash screen when launched, then a mini-browser window will be displaying showing the dreaded "An error occurred" message.