Windows 10 & Azure AD challenge after de-federation

Just a quick post on a quick fix.

Recently at ████████████ we de-federated our ADFS infrastructure from Office 365 as it was no longer required.

After running the PowerShell scripts to switch our domain back to Managed (from Federated), forcing Yammer to use Office 365 identities (as it overrides the SSO configuration in the process), and forcing a password sync – for the most part things worked fine. Gradually Outlook re-connected itself, some phones prompted for a password to be re-entered, and all was good in the world.

Except for some people who use Windows 10, enrolled in Azure Active Directory, and the Edge browser. For some users what they saw when trying to access Office 365 resources was this:


InPrivate browsing mode worked fine, other browsers such as Firefox worked fine – just not Edge in normal mode. We thought we’d give it 8 hours for the token to expire but to no avail.

In the end the simple fix was a case of just flushing the cache and cookies – then it worked perfectly!

Also published on Medium.

Discover more from Loryan Strant, Microsoft 365 MVP
