Modern Authentication

Even though SSO or ADFS is used within Office 365 initially both Outlook and Skype clients will prompt for credentials providing a not-so seamless environment.

If enabled, Modern Authentication will make this seamless for Office 2013 and Office 2016. Office 2013 will require a registry which can be deployed via GPO.

HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL REG_DWORD 1
HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\Version REG_DWORD 1

Using PowerShell to check

$UserCredential = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection
Import-PSSession $Session
Get-OrganizationConfig | select *OAuth*

To change

Set-OrganizationConfig -OAuth2ClientProfileEnabled:$true

Similarly for Skype for Business

$UserCredential = Get-Credential
$session = New-CsOnlineSession -Credential $credential -Verbose
Import-PSSession $session
Get-CsOAuthConfiguration | select *Adal*

To change

Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s