Has anybody been able to make the M$ Teams/Outlook/Authenticator apps work inside Shelter?
I got mine running fine in /e/OS, but I can’t get them to work inside the work profile, in Shelter (they install fine, but refuse to login, pretending there is a network connectivity problem)
I even completely disabled Advanced Privacy inside the work profile, but still no luck.
I’m running /e/OS Q 1.4 stable and Shelter 1.8
Regain your privacy! Adopt /e/ the unGoogled mobile OS and online services
APs tracker blocker was a problem prior, but if you disabled AP already… this should’ve solved the network issue.
Further info: with “Google device registration” on in microG (the one inside Shelter), I was able to successfully install and configure Authenticator (once I’ve registered my accounts, I was able to turn “Google device registration” back to off with no ill-effects.
However, Outlook and Teams still refuse to allow me to configure any account (irrespective the migroG settings).
have you looked at “adb logcat” output while the userinterface is failing you? most of the time it gives some hints
The log generated is absolutely huuuuge (over 3MB in 5 seconds), but looking through the entries, there is a section towards the end which looks interesting: multiple lines from MsalAuthenticationProvider (and its various modules/libraries) complaining about “Unable to perform cloud discovery”, after which it seems the authentication process (re)tries with null user id:
11-10 22:49:18.423 6163 6229 I ActivityTaskManager: Displayed com.azure.authenticator/com.microsoft.identity.client.AccountChooserActivity: +104ms
11-10 22:49:18.435 4786 4843 W MsalAuthenticationProvider: ProcessId: 4786, Thread: pool-16-thread-1, com.microsoft.identity.common.internal.result.MsalBrokerResultAdapter:getBaseExceptionFromExceptionType [2022-11-10 09:49:18 - thread_name: pool-30-thread-1, correlation_id: 5bf8c185-177d-45f0-8602-138877ee02d0 - Android 32] Received a com.microsoft.identity.common.exception.ClientException from Broker : io_error
11-10 22:49:18.435 4786 4843 W com.microsoft.identity.common.internal.result.MsalBrokerResultAdapter:getBaseExceptionFromExce[2022-11-10 09:49:18 - thread_name: pool-30-thread-1, correlation_id: 5bf8c185-177d-45f0-8602-138877ee02d0 - Android 32] Received a com.microsoft.identity.common.exception.ClientException from Broker : io_error
11-10 22:49:18.454 5921 6456 D audio_hw_primary: fast_out-out_update_source_metadata: called, but not implemented yet
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: ProcessId: 4786, Thread: main, onError:timeTaken:[174][1fec8e78-bce4-4aaf-ab1b-5451cc387264][scrubbed][null][https://api.spaces.skype.com/.default][Unable to perform cloud discovery]
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: com.microsoft.identity.client.exception.MsalClientException: Unable to perform cloud discovery
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.client.internal.controllers.MsalExceptionAdapter.msalExceptionFromBaseException(SourceFile:51)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.client.PublicClientApplication$18.onError(SourceFile:1944)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.client.PublicClientApplication$18.onError(SourceFile:1935)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.java.controllers.CommandDispatcher.commandCallbackOnError(SourceFile:555)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.java.controllers.CommandDispatcher.access$900(SourceFile:86)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.java.controllers.CommandDispatcher$4.run(SourceFile:535)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at android.os.Handler.handleCallback(Handler.java:938)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at android.os.Handler.dispatchMessage(Handler.java:99)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at android.os.Looper.loopOnce(Looper.java:201)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at android.os.Looper.loop(Looper.java:288)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at android.app.ActivityThread.main(ActivityThread.java:7870)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at java.lang.reflect.Method.invoke(Native Method)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:548)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1003)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: Caused by: com.microsoft.identity.common.java.exception.ClientException: Unable to perform cloud discovery
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.internal.result.MsalBrokerResultAdapter.getBaseExceptionFromExceptionType(SourceFile:334)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.internal.result.MsalBrokerResultAdapter.getBaseExceptionFromBundle(SourceFile:221)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.internal.result.MsalBrokerResultAdapter.getAcquireTokenResultFromResultBundle(SourceFile:596)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.internal.controllers.BrokerMsalController.acquireToken(SourceFile:342)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.java.commands.InteractiveTokenCommand.execute(SourceFile:65)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.java.commands.InteractiveTokenCommand.execute(SourceFile:37)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.java.controllers.CommandDispatcher.executeCommand(SourceFile:455)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.java.controllers.CommandDispatcher.access$100(SourceFile:86)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at com.microsoft.identity.common.java.controllers.CommandDispatcher$5.run(SourceFile:683)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
11-10 22:49:18.459 4786 4786 I MsalAuthenticationProvider: at java.lang.Thread.run(Thread.java:920)
11-10 22:49:18.460 4786 4786 E AuthorizationService_GetPrimaryResourceTokenAction: ProcessId: 4786, Thread: main, acquireToken failed
11-10 22:49:18.464 4786 4786 E AuthorizationService: ProcessId: 4786, Thread: main, com.microsoft.identity.client.exception.MsalClientException: Unable to perform cloud discovery
11-10 22:49:18.465 4786 4786 I APPLICATION_ACTIVITY_LIFECYCLE: ProcessId: 4786, Thread: main, Activity resumed: com.microsoft.skype.teams.views.activities.FreAuthActivity 14957848
11-10 22:49:18.468 4786 9021 I AuthorizationService: ProcessId: 4786, Thread: pool-3-thread-54, Reset user requested.
11-10 22:49:18.468 4786 4786 W CallActions: ProcessId: 4786, Thread: main, getUserObjectIdForCall called from getLogger, Unable to find user for call ID 0, guid:
11-10 22:49:18.468 4786 4786 I Calling: CallManager: ProcessId: 4786, Thread: main, Calling: getLatestGlobalActiveCall: request to get the latest Global Active Call.
11-10 22:49:18.468 4786 4786 W calling:CallActions: ProcessId: 4786, Thread: main, User object id was null getBestUserForObjectId
11-10 22:49:18.468 4786 4786 E Calling: SkyLibManager: ProcessId: 4786, Thread: main, getCallHandler is called with null teamsUser or user object is null
11-10 22:49:18.479 6163 6763 W InputManager-JNI: Input channel object ‘a99653f com.microsoft.teams/com.microsoft.skype.teams.views.activities.FreAuthActivity (client)’ was disposed without first being removed with the input manager!
11-10 22:49:18.486 6163 6232 V WindowManager: Unknown focus tokens, dropping reportFocusChanged
and you’re sure you disabled the ms engagement tracker that blocks login.microsoftonline.com ? if so, maybe your email belongs do a different active directory domain, and that one gets somehow (dns) blocked by AP… but you said you disabled AP altogether in shelter? could be a shelter issue, but AP is supposed not to work there: Advanced Privacy doesn't identify trackers in pro profile (Shelter) (#5648) · Issues · e / Backlog · GitLab
I have tried both with advanced privacy disabled and with advanced privacy disabled but “block trackers” disabled for Teams and Outlook, to no avail.
However, there is one weird thing - advanced privacy inside the work profile reports zero trackers found (across all applications), which is obviously wrong.
I’m starting to suspect advanced privacy (or at least the tracker blocking function) doesn’t function correctly inside the work profile (or doesn’t obey the interface commands, so it never “disables”, when asked to).
something to that extent is noted at https://gitlab.e.foundation/e/backlog/-/issues/5648
" … Trackers control: the first Advanced Privacy instance to start is the one which take the control around tracker detection and blocker. It should be the one from Main profile. The fix here e/os/advanced-privacy!100 will allow to see and manage the applications of the pro-profile in the Advanced Privacy instance of the main profile"
with a fix coming along
That is the cause. Thanks tcecyk! - I temporarily disabled Advanced Privacy in the home profile and suddenly both outlook and teams were happy to connect.
nice! as v1.6 will contain your fix, it will arrive after new years, but then you could retest and verify the bugfix
That’s great news! /e/OS developers are AWESOME! They are doing a great job. So many improvements, bug fixes and new functionality in such a short time (since 1.0), it’s just amazing.
Keep up the good work, guys!
Hello, I am also using outlook and ms teams but do not need mobile microsoft autenticator. I do not use shelter so far.
What is the benefit of using shelter in this case ? Do MS apps really look to the shared directory for other app data and send it to microsoft ?
Thanks !
Neither Outlook nor Teams function correctly unless I allow trackers. They have a tracker called “Mobile engagement” (or something like that). I haven’t looked into what info that tracker collects and sends to Microsoft, but there is obviously personal data that gets sent to Microsoft.
Having only MS apps in a shelter environment, ensures none of these apps sees what other apps I have installed or any details about my real mobile phone (environment, phone model, settings, etc.). Plus I can have “work contacts” in the shelter environments, so Outlook and teams don’t get to see my personal contacts.
Additionally, as long as I have fake IP and fake location enabled as well, I am fairly certain I prevent (allmost) all personal info from being collected by Microsoft.
I also have WhatsApp in the shelter as well. Although it is a personal app, it is so intrusive, I don’t want it with my other apps, but I cannot get rid of it (I have contacts who only use WhatsApp for messaging). I just don’t allow it any access to contacts and use another app called “Open in WhatsApp” if I need to initiate a chat with a new person. Idealy I would want WhatsApp in its own shelter container, but Android can only do one shelter per phone.
This issue has been closed in Github and the Advanced Privacy in the main profile shows the apps in shelter as well, but any settings I do to any app in the shelter, doesn’t seem to have any effect.
I’ve just upgraded to 1.11 hoping this update would fix the issue, but still the same.
The only way to get shelter MS apps to work, is to disable the whole Advanced Privacy (in the main profile) - which is obviously not desirable.
@centaurus and the settings you apply to any App in the subprofile - you do this through the main-profile as the authors intended? then it’d be a bug and worth a comment on the issue tracker
Yes, I applied the settings in the Advanced Privacy for the main profile (not the shelter one).
Unfortunately the bug in github has been closed, so no further comments can be added to it.
commenting on closed issues should be possible last I resorted to it
I have put a comment - let’s see if it gets any response.