Hello -
I've created a new Windows 10 instant clone pool and in testing I am seeing this yellow exclamation at the top right of office apps. When I click it, it says Account Error. Sorry, we can't get to your account right now. Then I have the option to sign in again to fix it. It actually says that I am already signed in, and Office does seem to be activated. When I sign in again, the exclamation goes away and things seem fine. Then when I log off and back in, its back, and it still says I am signed in.
My environment:
UEM 9.8
Office 365 ProPlus installed in master image (not app volume)
Win10 1903
I'm capturing the office license token with my own custom template for UEM, but other than that I am using what is provided by easy start for Office 2016.
We don't use SSO with O365.
OSOT Windows 10 template used after Office 365 install
Sophos Intercept X installed for AV/Endpoint protection
This is fixed by capturing the entire HKCU, LocalAppData and AppData areas with UEM. Now, that's way overkill and only for testing. I've used process explorer to try and figure out whats missing but can't seem to find it.
Any ideas on this? I would think many others would have had this issue also, but I can't find a whole lot. Short of re-doing the master image I'm running out of options.
Thanks for the help!!
Not 100% sure if I remember this correct but I think you need windows setting template "Personal Certificates - X" to complete your profiles..
To fix your issue, the following should work. After working with Microsoft and doing a tons of research.
Add an exclusion
Personalization > Microsoft Office 2016 > Shared Office
[ExcludeRegistryTrees]
HKCU\Software\Microsoft\Office\16.0\Common\Identity
Remove both Personalization > Windows Settings > Personal Certificates & IE Passwords. Why do you need to remove both personal certificates and IE passwords? Because they both roam credentials in credential manager and Microsoft recommends not to do that as Office stores credentials manger and apparently that credential is tied to the computer but not necessarily the user. Also they do not recommend roaming the license token folder.
[IncludeFolderTrees]
<AppData>\Microsoft\Protect
<LocalAppData>\Microsoft\Vault
P.S You will need to remove these files from existing uemprofiles
Deleted the following zip files
Personalization > Microsoft Office 2016 > Shared Office.zip
Personalization > Windows Settings > Personal Certificates.zip
Personalization > Windows Settings > IE Passwords
Facing the same issue in my environment. Did you ever get this resolved? Thank you.