Your first step should be the https://testconnectivity.microsoft.com/ website, which is good for diagnosing most problems with your setup.
I thought this may have been an infrastructure problem where the ADFS 2.0 server was not updated with the latest Roll Up. Apparently that was not the case this time round.
Another problem would have been the time, but no problem there! Time was perfectly in sync.
Just having a wander around and I found something that was interesting. Apparently Forms Based Authentication needed to be turned on for the intranet domain in ADFS 3.0. It was working perfectly well before but it looks like something had changed with how Office 2016 on Mac was trying to authenticate.
The problem is indicated with this error on the OSX client:
And these errors show up in the ADFS 3.0 logs:
Error AD FS 364
Encountered error during federation passive request.
Additional Data
Protocol Name: wsfed
Relying Party: urn:federation:MicrosoftOnline
Once you enable Forms Based Authentication for the Intranet this problem should disappear! The only minor problem with this is that it's not truly single sign-on, as you are still prompted for credentials inside the domain.
To enable Forms Based Authentication, open your ADFS 3.0 server management console > Authentication Policies > Edit Global Settings, then enable Forms Based Authentication for the Intranet.
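The same change can be made and verified from PowerShell. This is an added example, not part of the original post; it assumes an elevated session on the primary AD FS 3.0 (Windows Server 2012 R2) server, and the 24-hour lookback window is an arbitrary choice.

```powershell
# Added example (not from the original post): check for the symptom, then
# enable Forms Based Authentication for the intranet without dropping the
# providers that are already configured.
Import-Module ADFS

# 1. Look for the symptom: AD FS event 364 entries naming the Office 365
#    relying party. The 24-hour window is an assumption; widen it as needed.
$filter = @{
    LogName   = 'AD FS/Admin'
    Id        = 364
    StartTime = (Get-Date).AddDays(-1)
}
$events = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match 'urn:federation:MicrosoftOnline' }
'Event 364 entries for MicrosoftOnline in the last 24 hours: {0}' -f @($events).Count

# 2. Read the current global policy and record it before changing anything.
$policy  = Get-AdfsGlobalAuthenticationPolicy
$current = @($policy.PrimaryIntranetAuthenticationProvider)
'Intranet providers before: {0}' -f ($current -join ', ')

# 3. Add FormsAuthentication only if it is missing. Existing providers
#    (for example WindowsAuthentication) are kept as they are.
if ($current -contains 'FormsAuthentication') {
    'Forms Based Authentication is already enabled for the intranet.'
}
else {
    $updated = $current + 'FormsAuthentication'
    Set-AdfsGlobalAuthenticationPolicy -PrimaryIntranetAuthenticationProvider $updated
    'Forms Based Authentication enabled for the intranet.'
}

# 4. Verify the result as AD FS now reports it.
$after = @((Get-AdfsGlobalAuthenticationPolicy).PrimaryIntranetAuthenticationProvider)
'Intranet providers after: {0}' -f ($after -join ', ')
```

To roll back, pass the provider list printed in step 2 to Set-AdfsGlobalAuthenticationPolicy.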
Hope that helps :)
TLDR; Enabled Forms Based Authentication for the Intranet on the ADFS 3.0 management console.