Fix: Domain connected Windows 10 no longer sync settings


Microsoft removed the feature that was supported by many users on Domain connected devices where your settings would sync across multiple devices.

The official response given by Microsoft:

“In the Windows 10 Anniversary Update, domain joined users who connected their Microsoft Account (MSA) could roam settings and data between Windows devices.  Many IT Pros told us that this functionality was not consistent with their policies for managing information owned by the organization. They did not want their PCs roaming to an individual’s personal cloud. A group policy to prevent users from connecting their MSAs did and does exist, but this setting also prevents users from easily accessing their personal Microsoft services.  To address IT Pro concerns, we removed the ability for domain joined machines to roam with an MSA.  Enterprises can still enable Enterprise State Roaming with Azure Active Directory.”

In addition Microsoft killed other features that we have enjoyed in previous versions when a computer is connected to a domain such as PIN login, Fingerprint Login etc.

Claiming that a few “IT Professionals” requested that these features are not wanted on domain connected computers is rather short sighted as main “IT Pros” want these features. So why on earth does Microsoft continue to disable features completely rather than give system admins the ability to choose via a GPO settings?

One of the biggest issues with Windows 10 is the constant changes of existing working features that we have relied on.

Workaround

The following is the only workaround that we have managed to make Windows 10 build 1709 sync.

Microsoft killed the ability for Windows 10 to sync when the computer is connected to a domain, however it worked as expected in Windows 10 build 1607.

The resolve this issue you will need a computer or virtual install of Windows 10 Build 1607, domain connected with each user account configured for syncing via their Microsoft Account.

Once all Users are configured you will open the registry editor (RegEdit) and export the keys for identities.

Computer\HKEY_USERS\.DEFAULT\Software\Microsoft\IdentityCRL\StoredIdentities

Export all keys from StoredIdentities. Copy the resulting .reg file to the Windows 10 1709 computer and merge. Logout and signin for each user and go to sync settings, you may have to verify each users Microsoft account.

Article Rating:
1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...