Users in a federated domain see a yellow exclamation mark in Office 2013 apps

PROBLEM

When a user who is in a federated domain but who isn't synchronized to Azure Active Directory (Azure AD) opens an Office 2013 app, they see a yellow exclamation mark. 

CAUSE

By default, Office 2013 uses the Microsoft Online Services Sign-in Assistant (also known as IDCRL). IDCRL detects that the user’s domain is federated and therefore tries to authenticate the user to Azure AD. Because the user isn't synced to Azure AD, the user doesn't exist in Azure AD, and this triggers the yellow exclamation mark in the Office 2013 app.

SOLUTION

Do one of the following.

Solution 1: Set the SignInOptions registry key value to 3

Important Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, back up the registry for restoration in case problems occur.

Note Use this procedure for only those users who aren't synced to Azure AD. Using this procedure for synced users may cause those users to experience sign-in failures.

To resolve this issue for only those users who aren't synced to Azure AD, follow these steps:
  1. Click Start, click Run, type regedit, and then click OK.
  2. Locate the following registry subkey:
    HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\SignIn\
  3. Right-click the SignInOptions registry key, click Modify, type 3 in the Value data box, and then click OK.
  4. Exit Registry Editor.
Setting the SignInOptions registry key to 3 forces Office 2013 to authenticate only against the user's local Active Directory service instead of trying to sign the user in to Azure AD.

Solution 2: Use Office 2016

The yellow exclamation mark isn't displayed in Office 2016 apps.

MORE INFORMATION

Still need help? Go to Microsoft Community.
內容

文章識別碼:3158020 - 最後檢閱時間:2016年12月21日 - 修訂: 1

意見反應