VMware Horizon Community
JonAmadori
Enthusiast
Enthusiast
Jump to solution

Office 365/Sharepoint Online Auto Login in IE not being captured

Hello,

I am using floating desktops that refresh at logoff with UEM 9.1, and I am currently capturing IE settings, IE passwords and Personal Certificates using the builtin Windows settings and not redirecting the AppData.


For almost all websites, UEM is able to capture my user's passwords and settings, however the login page for Sharepoint online (login.microsoftonline.com) will not remember that the user has checked the Keep Me Signed In box. When you enter in your email address and check that box, the user should be redirected to our ADFS website for SSO with Office 365 and then redirected back to our main Sharepoint online page.

Upon logging out and back in I can see UEM captured cookies and user certificates, however when the user logs back in and heads to our Sharepoint online page, they are presented the login page and must authenticate again.


Has anyone had any luck in capturing this setting or have any ideas as to what I can try next?


Thanks.

1 Solution

Accepted Solutions
JonAmadori
Enthusiast
Enthusiast
Jump to solution

Eric,

Thanks for the response, I tried capturing that Folder Tree and did not have luck getting the auto login setting to stay.  As luck would have it I reached out to a friend who came back with a two step process that has been working:

1.) Create a new custom FlexConfig titled “IE WebCache” under Windows settings. With the settings in the below:

        1.PNG 

2.) Created logoff task in the User Environment settings, this is needed to kill a task that locks one of the WebCache files we need to back up.  Note, it’s important to set it to run task before profile export.

          2.png

View solution in original post

Reply
0 Kudos
4 Replies
EricNichols
Hot Shot
Hot Shot
Jump to solution

Try this:

  1. [IncludeFolderTrees] 
  2. <LocalAppData>\Microsoft\Credentials 
Reply
0 Kudos
JonAmadori
Enthusiast
Enthusiast
Jump to solution

Eric,

Thanks for the response, I tried capturing that Folder Tree and did not have luck getting the auto login setting to stay.  As luck would have it I reached out to a friend who came back with a two step process that has been working:

1.) Create a new custom FlexConfig titled “IE WebCache” under Windows settings. With the settings in the below:

        1.PNG 

2.) Created logoff task in the User Environment settings, this is needed to kill a task that locks one of the WebCache files we need to back up.  Note, it’s important to set it to run task before profile export.

          2.png

Reply
0 Kudos
Pieter_S
Enthusiast
Enthusiast
Jump to solution

Hi JonAmadori,

Because you use ADFS you will not be able to fetch these settings in UEM.

ADFS is used that no username or passwords will leave the company. SAMLtokens are used instead, they cannot be saved in UEM.

The attachment shows the authentication with ADFS. Ill do a brief summarization of what is happening:

1. User tries to authenticate at a Federated service.

2. Application checks Azure AD saved credentials (Optional)

3. ADFS enabled application sends the request to ADFS servers to obtain a token.

4. ADFS checks user credentials at company AD.

5. If verified AD sends back an "OK" to ADFS.

6. ADFS will supply user with SAML token to grant access to Federated app.

7. Ticket is presented at the Federated app.

8. access is granted based on the ticket

Hopefully this helps.

Okay... Its a bit off-topic for UEM but this is how it works Smiley Happy

Greetings,

Pieter

doddsington
Contributor
Contributor
Jump to solution

Instead of killing the taskhost process, you can gracefully stop the scheduled task with schtasks.exe:

Capture.PNG

I ran into this same issue with our on-prem WebEx Meetings site.