We’ve recently received customer reports that they are unable to add Google accounts to Outlook once the Windows 10 Security Baseline is applied. When attempting to add a Google account, they see the message “Couldn’t sign you in. The browser or app may not be secure,” as shown below.
This error is caused by a configuration setting within a Windows 10 Security Baseline.
- Sign in to the Microsoft Endpoint Manager admin center.
- Navigate to Endpoint Security > Security baselines > Windows 10 Security Baseline.
- Under Profile Name, select a baseline.
- Select Properties, then click Edit next to Configuration settings.
- Under Internet Explorer, there is a setting “Internet Explorer security zones use only machine settings,” which is set to Enabled by default. To avoid this issue, set the field to Not configured.
When troubleshooting this issue, note that there are in other areas that should be checked:
- Intune administrative templates:
- In Microsoft Endpoint Manager admin center, go to Devices > Configuration profiles.
- Select the administrative template, select Properties, then click Edit next to Configuration settings.
- Go to Computer Configuration > Microsoft Edge > Security Zones: Use only machine settings.
- Confirm the Enabled button is not selected. This field is left blank by default.
- Intune settings catalog (preview):
- In Microsoft Endpoint Manager admin center, go to Devices > Configuration profiles.
- Select the settings catalog, select Properties, then click Edit next to Configuration settings.
- Go to Internet Explorer > Security Zones: Use only machine settings.
- Confirm the toggle is not set to Enabled. This field is set to Disabled by default.
- Group policy object (GPO) settings.
If you have any questions, reply to this post or reach out to @IntuneSuppTeam on Twitter.
Posted at https://sl.advdat.com/3jfNKfc