Moltron83
Enthusiast
Enthusiast

Office 365 Yellow Exclaimation "Sorry, we can't get to your account right now."

Hello -

I've created a new Windows 10 instant clone pool and in testing I am seeing this yellow exclamation at the top right of office apps.  When I click it, it says Account Error.  Sorry, we can't get to your account right now.  Then I have the option to sign in again to fix it.  It actually says that I am already signed in, and Office does seem to be activated.  When I sign in again, the exclamation goes away and things seem fine.  Then when I log off and back in, its back, and it still says I am signed in.

My environment:

UEM 9.8

Office 365 ProPlus installed in master image (not app volume)

Win10 1903

I'm capturing the office license token with my own custom template for UEM, but other than that I am using what is provided by easy start for Office 2016.

We don't use SSO with O365.

OSOT Windows 10 template used after Office 365 install

Sophos Intercept X installed for AV/Endpoint protection

This is fixed by capturing the entire HKCU, LocalAppData and AppData areas with UEM.  Now, that's way overkill and only for testing.  I've used process explorer to try and figure out whats missing but can't seem to find it.

Any ideas on this?  I would think many others would have had this issue also, but I can't find a whole lot.  Short of re-doing the master image I'm running out of options.

Thanks for the help!!

0 Kudos
3 Replies
kblank
Contributor
Contributor

Not 100% sure if I remember this correct but I think you need windows setting template "Personal Certificates - X" to complete your profiles..

0 Kudos
cbaptiste
Hot Shot
Hot Shot

To fix your issue, the following should work. After working with Microsoft and doing a tons of research.

Add an exclusion

Personalization > Microsoft Office 2016 > Shared Office

[ExcludeRegistryTrees]

HKCU\Software\Microsoft\Office\16.0\Common\Identity

Remove both Personalization > Windows Settings > Personal Certificates & IE Passwords. Why do you need to remove both personal certificates and IE passwords? Because they both roam credentials in credential manager and Microsoft recommends not to do that as Office stores credentials manger and apparently that credential is tied to the computer but not necessarily the user. Also they do not recommend roaming the license token folder. 

[IncludeFolderTrees]

<AppData>\Microsoft\Protect

<LocalAppData>\Microsoft\Vault

P.S You will need to remove these files from existing uemprofiles

Deleted the following zip files

Personalization > Microsoft Office 2016 > Shared Office.zip

Personalization > Windows Settings > Personal Certificates.zip

Personalization > Windows Settings > IE Passwords

0 Kudos
jordanht
Enthusiast
Enthusiast

Facing the same issue in my environment. Did you ever get this resolved? Thank you.

0 Kudos