Weird 365 / Access Work or School account problem on Windows 10

Forums › IT Pro and developers › Weird 365 / Access Work or School account problem on Windows 10

mobiusnz

477 posts

Ultimate Geek
+1 received by user: 114

#303809 10-Mar-2023 13:30

I have this ONE user - She has a laptop joined to a local AD domain all working fine. She then has a 365 Standard account with Office installed, logged in and email/Teams etc setup which adds the 365 Account to the Access Work or School and then things behave as expected.

The problem is a number of times now its gotten to the point where Outlook stalls are the loading splash screen and teams comes up with a problem connecting with a login link that just loops through.

The only way to fix it is delete the Work or School account, reboot. Then you go back and the account is still there so you delete it again. Run Outlook and it prompts for the login details, logs in, re-adds the account and works like a dream for an indeterminate period of time.

The user swears if she only uses the laptop at work its fine and continues working. If she takes it home, bang the account won't work and won't work anywhere anymore until I remove it and re-login.

I can't find anything on this problem as its a little tricky for me to decide what to search on - Whatever I try I get lots of generic stuff about joining work and school etc but I can't find anyone else seeing the same symptom.

I guess its one of those issues where maybe I'm best just to delete her local profile altogether on the laptop and then log her in and set her profile on the PC up from scratch but just wondering if anyone has any thoughts or has seen this symptom.

She has the same logged into a desktop at the office and thats been bullet proof and they don't have any weird Azure Location conditions or anything (Or a plan that includes that anyway).

I don't want to have to kill the profile but that'll be the next step. As you know you just get some users where they'll be ringing daily with "Blah doesn't work" which is just a small change in her profile that needs a click - Basically, a user who doesn't like change :)

I would like to know if there is something triggering it rather than just getting brutal but that might be the only solution.

PS - I've been setting users up on 365 since 2010 as Exchange Online and have done 1000's - This is the only time I've seen this symptom which is why its bugging me so much. I don't like being beaten ;)

Matt Beechey Mobius Network Solutions

Andib

1395 posts

Uber Geek
+1 received by user: 974

ID Verified

Trusted

#3048663 10-Mar-2023 14:43

Repeated sign in issues like this generally point to a TPM that's starting to play up.
Try clear the TPM and re-sign in, remembering to make sure (if enabled) you have the bitlocker recovery key) BEFORE you clear the TPM.

<#
.DISCLAIMER
Anything I post is my own and not the views of my past/present/future employer.
#>

gbwelly

1263 posts

Uber Geek
+1 received by user: 776

#3048686 10-Mar-2023 15:38

mobiusnz:

The user swears if she only uses the laptop at work its fine and continues working. If she takes it home, bang the account won't work and won't work anywhere anymore until I remove it and re-login.

Conditional access related perhaps?

mobiusnz

477 posts

Ultimate Geek
+1 received by user: 114

#3049454 13-Mar-2023 09:13

gbwelly:

Conditional access related perhaps?

They don't have any on nor the plan to support it. I say this not actually checking but because they are only on the standard plan there is no conditional access included. I agree though, thats a little how it seems.

Matt Beechey Mobius Network Solutions

mobiusnz

477 posts

Ultimate Geek
+1 received by user: 114

#3049456 13-Mar-2023 09:14

Andib:

Repeated sign in issues like this generally point to a TPM that's starting to play up.
Try clear the TPM and re-sign in, remembering to make sure (if enabled) you have the bitlocker recovery key) BEFORE you clear the TPM.

Very good point - I hadn't thought about TPM issues. It wouldn't surprise me at all if she's even had errors but clicks ok and ignores them as initially things seem to work so she hasn't made the connection. I'll have a look at the TPM state and have a look in the eventlog. As you say I'll clear it and re-sign in and see if it sticks.

Matt Beechey Mobius Network Solutions

mobiusnz

477 posts

Ultimate Geek
+1 received by user: 114

#3059685 6-Apr-2023 10:08

Thought I better come back to this. Like clockwork her laptop has been a dream at home - She took it into the office yesterday for some teams meetings and today it wouldn't connect to anything 365 back home.

So this time I ran the powershell command "Clear-TPM" as the troubleshoot option to reset was missing from defender even though she has local admin rights?

After a reboot this time windows complained about the Microsoft account and asked us to login again - Banged in the password and it worked. Normally I've been removing the account from the device, rebooting and then logging in and it often needed two reboots.

So -

1) Maybe this fixes it long term although I can't understand TPM having issues changing location??

2) If it still does it I'll create an icon to run the powershell command and then restart so worst case while we work out what it is she has a process to click an icon, reboot and then login again and it all works.

It does seem to be like clockwork - She can use it for weeks just at home for WFM and its fine - Take it in the office, it works again. Take it home afterward and its gone??

I should have a look at Group Policies on their server as its come up from an old SBS2003 so there could be a miss-behaving GPO messing with the TPM or stored credentials unintentionally but at this point we'll see if it does it again.

Thanks @Andib I don't know why I hadn't thought of TPM - Hopefully the reset does the job.

Matt Beechey Mobius Network Solutions