Restart Microsoft Edge and navigate to edge://sync-internals and check the “ AAD Account Key Status” section.The following example shows a cryptography error cryptographer error was encountered". This error is visible under Type info in edge://sync-internals and may mean that the user's service side data needs to be reset. If the issue still isn't fixed, contact Microsoft Edge support.
If the server endpoint is empty, or if server cannot be pinged and a firewall is present in the environment, confirm that the necessary service endpoints are available to the client computer. The next screenshot shows endpoint information under Environment Info. The server endpoint for a client is available in edge://sync-internals. If under the " Type info" section the following error is present, then skip to the following issue, Cryptographer error cryptographer error was encountered" Issue: Stuck at "Setting up sync." or “Couldn’t connect to the sync server. If the issue isn't fixed, contact Microsoft Edge support. The Get-AIPServiceConfiguration PowerShell cmdlet shows the status of the service. In the example below, onboarding has scoped AIP to the indicated security group and the scoping should be removed with the Set-AIPServiceOnboardingControlPolicy PowerShell applet.Ĭonfirm that the IPCv3Service is turned on in the tenant. If scoping is enabled, the affected user should either be added to the security group for the scope, or the scope should be removed. UseRmsUserLicense SecurityGroupObjectId Scope PS C:\Work\scripts\PowerShell> Get-AIPServiceOnboardingControlPolicy The next two examples show an unscoped configuration and a configuration scoped to a specific security group.
You can get it here: Install the AIPService PowerShell module for Azure Information Protection. Make sure the aIPService PowerShell monitor is installed. You can use the Get-AIPServiceOnboardingControlPolicy PowerShell cmdlet to see if scoping is enabled. You can turn off ESR if this step fixes the issue.Ĭonfirm that Azure Information Protection is not scoped via an onboarding policy. The instructions for enabling ESR are here. If step 2 shows that AIP is active but sync still doesn't work, turn on Enterprise State Roaming (ESR). The instructions for checking the AIP status and, if necessary, activating AIP are here. If a supported subscription is available, verify that the tenant has Azure Information Protection (AIP) available.
If the tenant doesn't have a supported subscription, they can either purchase Azure Information Protection separately, or upgrade to one of the supported subscriptions. The current list of available subscription types is provided here. Verify that the enterprise tenant has a supported M365 subscription. If this error is encountered for an Azure Active Directory account, or if DISABLED_BY_ADMIN appears in edge://sync-internals, follow the steps in the next procedure sequentially until the problem is fixed.īecause the source of this error is usually requires a configuration change in an Azure Active Directory tenant, these troubleshooting steps can only performed by a tenant admin and not by end users. Issue: “Sync is not available for this account.” See the instructions for resetting data in the Cryptographer error encountered issue. The error is " Last Token Error, EDGE_AUTH_ERROR: 3, 54, 3ea", which is found in edge://sync-internals under Credentials:Ĭommon sync issues Issue: Can't access M365 or Azure Information Protection subscriptionĭo you have a previous M365 or Azure Information Protection (AIP) subscription that expired and then replaced with a new subscription? If so, then the tenant ID has changed and the service data needs to be reset. The next screenshot shows an example of an identity error. Understand the difference between identity and sync issue before you start troubleshooting sync.īefore you treat an issue as a sync issue, check to see if the user is signed into the browser with a valid account. For this reason, identity issues are frequently confused with sync issues.
A popular use case for maintaining user identity in the browser is to support sync. Identity issues versus sync issuesīefore you begin it's important to understand the difference between identity issues and sync issues. Applies to Microsoft Edge version 77 or later unless otherwise noted.