问题
I have a .NET 4.5.2 WinForms application with an embedded WebBrowser. The application is built with AnyCPU and "Prefer 32-bit" disabled, running on Windows 10 64-bit. The machine is not domain joined but not Azure AD joined and Azure AD Connect is used to perform Password Hash Sync (this is not my area of expertise).
When the webbrowser navigates to a website which should perform a seamless single sign-on (e.g. myapps.microsoft.com), it doesn't work. It simply times out at the "Trying to sign you in" and then ends up at the email address input form. Navigating to the same site in Internet Explorer and Chrome seamlessly signs in, so the authentication is working correctly, even after clearing all data and cookies from Internet Explorer.
After much debugging and testing I finally figured out that building the exact same application with "Prefer 32-bit" enabled makes the seamless single sign-on work, but unfortunately that is not a solution for me. The application is deployed to a lot of users and cannot easily be updated.
I'm guessing there is some settings which are not correctly applied in the 64-bit instance of the web browser component (registry or group policy?), I just cannot figure out what I'm missing for it to work.
Does anybody know how to make the WebBrowser component in .NET perform a seamless single sign-on when running in a 64-bit process?
来源:https://stackoverflow.com/questions/56629287/azure-ad-password-hash-sync-seamless-sso-and-64-bit-webbrowser-net-control-not