Re: Office 365 prompts for Activation on every log...

nettech1 · ‎02-02-2022

Hi,

We were using Azure AD connect for SSO for 365 and were synching our AD account password hashes to Azure. We are using DEM Enterprise. Horizon 8.4 / 2111

Today we disabled SSO in Azure AD connect and stopped password hash sync and configured OKTA to handle SSO for 365. Users on physical desktops and standalone vms are working as expected, however all of our users on instant clone vms are getting prompted to sing in to office applications on every log in. We are not using ADFS.

Instant clone VMs are Windows 10 1909 with 64 bit version of office 365.

Master image has Office installed with the following config.

Does anyone know what we are missing and why office does not activate when OKTA is the SSO provider?

OKTA SSO was configured using this KB https://help.okta.com/en/prod/Content/Topics/Apps/Office365-Deployment/configure-sso.htm

Is there something we need to add to DEM config for the user or computer side ?

Thank you

mrkasius · ‎02-03-2022

Hi nettech1,

Do you have configured Office 365 Silent Activation as well?

nettech1 · ‎02-03-2022

@mrkasius

That may be it. Silent Activation was not enabled on my okta tenant, apparently this feature is still private and has to be requested by a customer to be enabled by okta support.

nettech1 · ‎02-06-2022

So with Office 365 Silent Activation the problem took a 180 degree turn. All instant clone VMs are not prompting users to sign it, however all standalone systems are prompting users to authenticate to OKTA when they open any of the Office 365 App.

Is the only solution to uninstall Office and reinstall it on standalone with a shared computer flag?

Thanks

mrkasius · ‎02-07-2022

@nettech1 , In normal circumstances ADAL (WS-Federation) should take care of standalone systems. Does Office 365 works fine when accessed via a browser on standalone systems?

All

Office 365 prompts for Activation on every log in