I spent way too much time on this silly issue. Following any one of the following bullet points may fix this for you. Pick one that you like:
-
Open Internet Explorer. From the Settings (gear) menu, select Internet Options/Privacy Tab/Settings Advanced Button. Notice that the Third-party cookies radio button says "Accept"? Click "Block", Click "Accept" and then Ok, Ok your way out. Yes, you are setting it right back to where it started! Each user needs to do this separately.
-
As similarly answered by Danny adding https://*.microsoftonline.com to the trusted sites in Internet Options fixes this issue. I know some others are reporting this doesn't work but it works for me with Server 2016. The correct entry can be discovered by using the nirsoft dnsquerysniffer during the office 365 login process. Here's some PowerShell to create a registry entry. The nice part about this registry entry is that it seems to fix this issue for all users.
$regPath = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\microsoftonline.com'
$regProperty = 'https'
$regValue = '2'
New-Item -Path $regPath -Force -Verbose
New-ItemProperty -Path $regPath -Name $regProperty -Value $regValue -Force -Verbose -Type DWord
-
Set HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3\1A10 to 1. Note you will have to do this for each user so this may be a good solution for those of you who can control user registry properties through group policy or other means.
