Support Tip: Users unable to add Google accounts to Outlook

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.

We’ve recently received customer reports that they are unable to add Google accounts to Outlook once the Windows 10 Security Baseline is applied. When attempting to add a Google account, they see the message “Couldn’t sign you in. The browser or app may not be secure,” as shown below.

 

Google prompt in Outlook displaying a message "Couldn’t sign you in. The browser or app may not be secure".Google prompt in Outlook displaying a message "Couldn’t sign you in. The browser or app may not be secure".

 

This error is caused by a configuration setting within a Windows 10 Security Baseline.

 

  1. Sign in to the Microsoft Endpoint Manager admin center.
  2. Navigate to Endpoint Security > Security baselines > Windows 10 Security Baseline.
  3. Under Profile Name, select a baseline.
  4. Select Properties, then click Edit next to Configuration settings.
  5. Under Internet Explorer, there is a setting “Internet Explorer security zones use only machine settings,” which is set to Enabled by default. To avoid this issue, set the field to Not configured.

 

Screenshot of a Windows 10 Security Baseline with the "Internet Explorer security zones use only machine settings" setting shown.Screenshot of a Windows 10 Security Baseline with the "Internet Explorer security zones use only machine settings" setting shown.

 

When troubleshooting this issue, note that there are in other areas that should be checked:

 

  • Intune administrative templates:
    1. In Microsoft Endpoint Manager admin center, go to Devices > Configuration profiles.
    2. Select the administrative template, select Properties, then click Edit next to Configuration settings.
    3. Go to Computer Configuration > Microsoft Edge > Security Zones: Use only machine settings.
    4. Confirm the Enabled button is not selected. This field is left blank by default.
  • Intune settings catalog (preview):
    1. In Microsoft Endpoint Manager admin center, go to Devices > Configuration profiles.
    2. Select the settings catalog, select Properties, then click Edit next to Configuration settings.
    3. Go to Internet Explorer > Security Zones: Use only machine settings.
    4. Confirm the toggle is not set to Enabled. This field is set to Disabled by default.

  • Group policy object (GPO) settings.

 

If you have any questions, reply to this post or reach out to @IntuneSuppTeam on Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.