Skype for Business mobile users can’t sign in when Modern Authentication/MFA is enabled

Recently, I have noticed the Skype for Business client prompting for credentials when it ties to connect to Exchange Web Services for mailboxes in Exchange Online (EXO).  The EXO tenant is configured for Modern Authentication (ADAL) and Azure Multi-Factor Authentication (Azure MFA) but Skype for Business is still on-premises using kerberos.  So, when the Skype for Business client tries to connect to EWS in EXO, EXO is attempting to ask for ADAL and MFA, but the client isn’t configured to respond with it.

Microsoft has an article that describes this issue (https://support.microsoft.com/en-us/help/3126604/skype-for-business-mobile-users-can-t-sign-in-when-modern-authentication-is-enabled)

The solution is to create a registry value HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\LyncAllowAdalForNonLyncIndependentOfLync to enable the Skype for Business client to respond accordingly.  Details can be found at https://support.microsoft.com/en-in/help/3082803/info-about-the-allowadalfornonlyncindependentoflync-setting-in-skype-for-business,-lync-2013,-and-exchange-online.

Advertisements

About Gary Cooper

I am a Senior Systems Architect for a small midwestern US consulting company (Horizons Consulting) and I currently am certified by Microsoft
This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s