Category Archives: Office 365 ProPlus

Fix for SSO with Office 365 ProPlus (2016) and ADFS

If you are using an Office 365 ProPlus version prior to 1808, along with Windows 10 1703 or later, you may have an issue where Office applications do not use SSO to sign in, and after users enter their email address, they then have to enter their username and password again in the ADFS login form. This is due to issues with Web Account Manager (WAM), which is used for authentication instead Azure Active Directory Authentication Library (ADAL) with Office 365 ProPlus on recent versions of Windows. Other issues we have seen include:

  • Being unable to obtain a license for Office at all, and Office going into reduced functionality mode, especially if you are using Shared Computer Activation
  • Activation issues after changing password or UPN
  • Repeated requests to enter passwords
  • Showing users a screen asking if they want to add the account to Windows

Fortunately, there is a fix for this, which is listed in a Microsoft article, which lists several symptoms but doesn’t specifically mention SSO issues.

Firstly, if you are running a Windows 10 build later than 1703, you will be using ADAL. So firstly, make sure you have this enabled in your ADFS infrastructure.

Enable ADAL Enable WS-Trust 1.3 for Desktop Client SSO ADAL

In your ADFS console, check the following endpoint shows enabled (/adfs/services/trust/13/windowstransport):


If not, run the following PowerShell command on your ADFS server to enable the endpoint for WS-Trust 1.3:

Enable-AdfsEndpoint -TargetAddressPath "/adfs/services/trust/13/windowstransport"

Apply the ADAL registry fix

Now you may find that SSO still does not work, and that users get a second username and password prompt, instead of SSO taking care of it. This is listed at

Create a Group Policy Object to add the following registry value at user login, or test using a reg file:

Windows Registry Editor Version 5.00

In my testing, this reverted the Office sign in process to the proper behaviour, SSO is seamless and transparent, the user never has to enter their credentials.

Checking your Office 365 ProPlus version and features for Windows Desktop applications

How to check the version of your Office 365 desktop applications. If you have an Office 365 subscription, either home or business, you will probably be aware that your Office applications are updated from time to time.

Features are added, bugs are fixed, and performance is (hopefully) improved over time. So you may want to know what version you are running, and what the features are of that version.

Checking your Office 365 version

Firstly, you need to check which version of Office 365 you have installed.

  1. Open any Office application, such as Word or Excel, and create a new document.
  2. Choose File, then Account
  3. The version is shown below e.g. 1705


There are 2 ways to view the update history for Office 365 desktop, which will tell you which features were added in this version.


1  What’s new in Office 365

For Office 365 Subscribers:

Or if you are an Office 365 Insider:

These pages give a high level overview of the features added in the various releases. If you scroll down you can see features added in previous releases.


2  Update history for Office Insider for Windows desktop

This table is the most useful to see which version you get:

This gives a more detailed list of changes

For more information see :

When do I get the newest features in Office 2016 for Office 365?

Also see to see which version you get depending on your update channel.