![]() ![]() If user1 profile previously authenticated using the modern auth, user2 can walk up even after a PC reboot and pick user1 profile, and it allows them access without a password prompt.To have any Outlook M365 desktop app profile selected and always have it prompt to authenticate To use Outlook M365 desktop app and not be required to use Outlook on the web \ OWA Read about conditional access policies using Common identity and device access policies but not sure if this could handle it or if there's a simpler way before diving into this to see if that'd help but seems a bit brute force to start Read about Primary Refresh Token and thought about figuring out where this token is located on the local machine and a solution at that level to wipe, prevent saving, etc. ![]() I'm not finding any equivalent options here for modern authentication though. ![]() There an Office GPO setting " Prevent saving credentials for Basic Authentication policy", but setting it won't apply since modern authentication is always used. How do I make Outlook prompt for a password Slews of Googling with a few posts that haven't helped either Purging all credentials from Credential Manager Toggling the User identification | Always prompt for login credentials options via registry settings in all cached mode enabled or disable scenarios to all applicable values possible with each configuration Things triedīoth disabling Cached Exchange Mode, wiping all local cache files and enabling it too (separate times) Ultimate Goal: Need for Outlook M365 desktop app to prompt for password for whatever profile is picked at launch time on specific computers regardless of the Outlook user profile picked and even if that profile account authenticated successfully with modern authentication on a previous launch (even if 3 minutes ago for example). What options are available to assist with keeping M365 modern authentication enabled at the Exchange Online \ Azure AD level, but force basic authentication on specific devices regardless of the user that signs onto it with Outlook M365 desktop app? Is there a way to purge locally cached files and/or registry entries on Windows 10 that assist with making the single sign-on modern authentication experience with Outlook M365 work, where once this data is purged, the app will have to prompt for the modern authentication again? (I know it'll store this data locally again) ![]()
0 Comments
Leave a Reply. |