- The Seamless SSO box has to be checked in AD Connect
- GPO (we can template with Accent)
  - The Azure AD URL has to be added to the users' intranet zone settings via Group Policy or manually
  - [https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start](https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start)
  - GPO Settings:
    - User Configuration -> Policies -> Administrative Templates -> Windows Components -> Internet Control Panel -> Security Page -> Intranet Zone
      - Allow updates to status bar via script - Enabled
      - Status bar updates via script - Enabled
    - User Configuration -> Preferences -> Windows Settings -> Registry
      - New Registry item
        - `Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoftazuread-sso.com\autologon`
        - `Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoftonline.com\login\device`
        - `Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\microsoftonline.com\login`
        - `Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com\accentconsultingservices`
- Users have to log in to their computers with their email address so that it matches the 365 account.
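
To confirm on a workstation that the policy actually landed, the following added example (not part of the original notes) reads the four ZoneMap keys listed above and reports which zone each value maps to. It assumes the Group Policy Preferences registry items target HKEY_CURRENT_USER and that zone 1 (Local intranet) is the intended data; the function name `Get-ZoneMapStatus` is hypothetical.

```powershell
# Added example: audit the current user's ZoneMap entries for Seamless SSO.
# Assumptions: the GPP items write to HKCU, and each key holds one or more
# values (named after a URL scheme such as "https") whose data is the zone number.
$base = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains'

# Sub-keys taken from the registry items listed in the notes.
$expected = @(
    'microsoftazuread-sso.com\autologon',
    'microsoftonline.com\login\device',
    'microsoftonline.com\login',
    'sharepoint.com\accentconsultingservices'
)

function Get-ZoneMapStatus {
    param([string]$BasePath, [string[]]$SubKeys)

    foreach ($sub in $SubKeys) {
        $path = Join-Path $BasePath $sub

        # Key absent: the policy has not applied to this user yet.
        if (-not (Test-Path -LiteralPath $path)) {
            [pscustomobject]@{ Key = $sub; Scheme = $null; Zone = $null; Status = 'MISSING KEY' }
            continue
        }

        $key   = Get-Item -LiteralPath $path
        $names = @($key.GetValueNames() | Where-Object { $_ })   # skip the unnamed default value

        # Key present but empty: the site is not assigned to any zone.
        if ($names.Count -eq 0) {
            [pscustomobject]@{ Key = $sub; Scheme = $null; Zone = $null; Status = 'NO ZONE VALUE' }
            continue
        }

        foreach ($name in $names) {
            $zone = $key.GetValue($name)
            # Zone 1 is Local intranet, the zone the notes ask for.
            $status = if ($zone -eq 1) { 'OK (Local intranet)' } else { 'NOT INTRANET ZONE' }
            [pscustomobject]@{ Key = $sub; Scheme = $name; Zone = $zone; Status = $status }
        }
    }
}

Get-ZoneMapStatus -BasePath $base -SubKeys $expected | Format-Table -AutoSize
```

Run it in the affected user's session after `gpupdate /force`; any row other than `OK (Local intranet)` means that site will not be treated as intranet for that user.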