Containers no longer work with Microsoft Teams and Schools

mozilla / multi-account-containers

Firefox Multi-Account Containers lets you keep parts of your online life separated into color-coded tabs that preserve your privacy. Cookies are separated by container, allowing you to use the web with multiple identities or accounts simultaneously.

https://addons.mozilla.org/firefox/addon/multi-account-containers/

Mozilla Public License 2.0

2.64k stars 322 forks source link

Containers no longer work with Microsoft Teams and Schools #2534

Open paulmartinidea opened 1 year ago

paulmartinidea commented 1 year ago

Before submitting a bug report

[X] I updated to the latest version of Multi-Account Container and tested if I can reproduce the issue
[X] I searched for existing reports to see if it hasn't already been reported

Step to reproduce

Open new containers attempt to login to site ( in this case AWS Managment Console which is using SSO and Endpoint protection) A bad request 400 is received once the login process completes

Actual behavior

An error message is presented when attempting to login

Expected behavior

Additional informations

This only started happening since upgrading Firefox to version v113, downgrading to v112 allows this to work as expected.

The main difference we can see from our sign in logs is that in version 113 the "Device ID" and "Join Type" is not present on the Azure side.

Provide a copy of Troubleshooting Information page (optional)

No response

matboulard commented 1 year ago

We are experimenting the same issue. Container tabs no longer send the Device info/state (Device Type, Compliancy state, etc). Without this info, we cannot login as AAD conditionnal access requires us to be working from Hybrid joined device.

RajasGujarathi commented 1 year ago

We also have the same issue.

TheNightRider12 commented 1 year ago

Could the issue be firefox itself along with Containers? I would suggest filing a report on BugZilla as well because the issue may be Firefox itself.

paulmartinidea commented 1 year ago

Logging on Firefox without containers works on version 113 just not when using the container

Chouffy commented 1 year ago

I've reported this defect in Bugzilla

Chouffy commented 1 year ago

Hi all,

The bugzilla defect was closed, as it is an intented behavior from this defect. There's a solution however (from the later defect):

Get the container ID - this is available in containers.json in your Firefox profile directory, in a key called userContextId (47001 for example)
In about:config, create a boolean key network.http.windows-sso.container-enabled.CONTAINERID, where CONTAINERID is from step 1. Set this key to true
Enjoy Windows SSO working in the given container!

It would be great to put in the [FAQ], but I don't have the edit rights. In the meantime, this bug can be closed

achernyakevich-sc commented 1 year ago

@Chouffy Great work!

It would be great to put in the [FAQ], but I don't have the edit rights.

@dannycolin Could you help to enhance documentation?

dannycolin commented 1 year ago

Done. I'll keep this bug open for now so we can redirect any duplicate to this one.