Highlighted
Contributor
Contributor

DEM Teams - MFA - login every time

Jump to solution

We have been using the per-machine installer version of Teams and DEM to capture the settings. However we have never successfully been able to capture the user logins so the user has to log in each time they open a new non-persistent session.

For Teams we use Duo MFA push to log in.

If we capture the whole profile the settings persist so somewhere we are missing a setting to capture in DEM.

Any suggestions would be welcome here as I am at my wits end with this program.

Current DEM settings are as follows ( we do not use DirectFlex):

[IncludeFolderTrees]

<LocalAppData>\Microsoft\IdentityCache

<LocalAppData>\Microsoft\Teams

<LocalAppData>\Microsoft\TeamsMeetingAddin

<LocalAppData>\Microsoft\TeamsPresenceAddin

<LocalAppData>\SquirrelTemp

<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy

<AppData>\Microsoft\Teams

<AppData>\Microsoft Teams

<AppData>\Teams

[IncludeRegistryTrees]

HKCU\Software\Microsoft\Office\Teams

[ExcludeFolderTrees]

<AppData>\Teams\logs

<AppData>\Microsoft Teams\logs

<AppData>\Microsoft\Teams\media-stack

<AppData>\Microsoft\Teams\Service Worker

<AppData>\Microsoft\Teams\Application Cache

<AppData>\Microsoft\Teams\Cache

<AppData>\Microsoft\Teams\tmp

<AppData>\Microsoft\Teams\meeting-addin\Cache

<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\TempState

<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC\Temp

[ExcludeFiles]

<AppData>\Microsoft\Teams\*.txt

<AppData>\Microsoft\Teams\lockfile

<LocalAppData>\SquirrelTemp\SquirrelSetup.log

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Expert
Expert

Hi harlee​,

I suspect the following marked (red) item to be the reason.

[ExcludeFolderTrees]

<AppData>\Teams\logs

<AppData>\Microsoft Teams\logs

<AppData>\Microsoft\Teams\media-stack

<AppData>\Microsoft\Teams\Service Worker

<AppData>\Microsoft\Teams\Application Cache

<AppData>\Microsoft\Teams\Cache

<AppData>\Microsoft\Teams\tmp

<AppData>\Microsoft\Teams\meeting-addin\Cache

<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\TempState

<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC\Temp

Can you put a hashtag (#) at beginning of that line to exclude this (line turns green) and double check using a clean profile? Don't forget to save the config file before checking Smiley Wink.

#<AppData>\Microsoft\Teams\Cache


\\ Ivan
---
Twitter: @ivandemes
Blog: https://www.ivandemes.com

View solution in original post

0 Kudos
3 Replies
Highlighted
Expert
Expert

Hi harlee​,

I suspect the following marked (red) item to be the reason.

[ExcludeFolderTrees]

<AppData>\Teams\logs

<AppData>\Microsoft Teams\logs

<AppData>\Microsoft\Teams\media-stack

<AppData>\Microsoft\Teams\Service Worker

<AppData>\Microsoft\Teams\Application Cache

<AppData>\Microsoft\Teams\Cache

<AppData>\Microsoft\Teams\tmp

<AppData>\Microsoft\Teams\meeting-addin\Cache

<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\TempState

<LocalAppData>\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC\Temp

Can you put a hashtag (#) at beginning of that line to exclude this (line turns green) and double check using a clean profile? Don't forget to save the config file before checking Smiley Wink.

#<AppData>\Microsoft\Teams\Cache


\\ Ivan
---
Twitter: @ivandemes
Blog: https://www.ivandemes.com

View solution in original post

0 Kudos
Highlighted
Contributor
Contributor

Thank you ijdemes this seems to have fixed the issue now.

0 Kudos
Highlighted
Enthusiast
Enthusiast

@ijdemes 

So, including the Cache (<AppData>\Microsoft\Teams\Cache) folder in UEM is "required" to prevent login prompts for Teams. Is that correct?

That is such a HUGE folder to load in UEM.  Does ALL of the Cache directory need to be included?  Importing such a large folder in UEM will increase login times. 

0 Kudos