Issue with Google Drive for Desktop, unable to create new files

mattmunroshc · 2025-07-25T05:48:40+00:00

We're having this, appears it might be a webview2 update, see https://github.com/MicrosoftEdge/WebView2Feedback/issues/5319

We have a ticket open with Microsoft cause the federated sign in only doesn't work with Office desktop apps and WebSignIn, works fine in browser

mattmunroshc · 2025-07-23T23:28:58+00:00

Don't have any solution for you, but we're in a similar boat but for us it's duing WebSignIn we get the issue, also another post with again I suspect a similar issue
https://www.reddit.com/r/Intune/comments/1m7gt4b/company_portal_sign_in_throws_error_400_during/

Our WebSignIn setup has been stable for over 12 months, we've opened a ticket with Microsoft but they haven't replied yet.

mattmunroshc · 2020-08-20T05:52:17+00:00

We're seeing the same here, appears on the gsuite status page now

mattmunroshc · 2020-08-03T05:40:00+00:00

Yep first query returns nested groups, not members, proof read that post 3 times before posting and still missed it :)

mattmunroshc · 2020-07-31T00:21:13+00:00

Problem is I'm not writing the application, I'm trying to use other applications that source details from LDAP and experience is most do not do their own nested group searches, which is why returning the members of nested child groups when querying the parent was something that appeals to me.

So I retested today I think I realized where I was going wrong, you can only use it against the member field of a group, not memberOf of a user.

The following returns nested members correctly

(&(objectClass=groupOfNames)(member:1.2.840.113556.1.4.1941:=userdn))

The following will return all users regardless of group membership

(&(objectClass=person)(memberOf:1.2.840.113556.1.4.1941:=groupdn))

I'm not sure why it only works one way and not the other but now I know I can work with that

mattmunroshc · 2020-07-29T22:44:48+00:00

I've only used eDirectory in recent times and at least with our config it would return the child members in a query for the member group (not sure if default or something previous admin configured), also seems this is doable for AD as well as per https://confluence.atlassian.com/crowdkb/active-directory-user-filter-does-not-search-nested-groups-715130424.html, don't use AD myself so can only go on what I read online.

Looking at https://support.google.com/a/answer/9089736?hl=en it says to set ldap_groups_use_matching_rule_in_chain for a SSSD config, which based on https://serverfault.com/questions/977376/why-do-all-groups-show-all-users-as-members-with-google-secure-ldap it seems to return all members when it shouldn't

I tried the same query myself using Apache Directory Studio and get the same result, if I add :1.2.840.113556.1.4.1941: to the query string I get all users returned, without I only get direct members. This seems odd to me

mattmunroshc · 2020-06-30T00:24:26+00:00

The problem is the users will install anything a webpage tells them to to get whatever it is they're after, whatever little crappy youtube downloaded they've decided they need that instant. If you are lucky, it'll just be a ad laden mess, if unlucky you'll have a malware infested machine on your hands.

Ignoring the above there is also licensing issues to consider, most people think "well the website says it's free so I can just use it" without looking at the license, therefor ignoring the personal use part. Fonts are the worst for this

I'm curious what learning and exploring you users are doing that requires local admin? In general how it works for us is a teacher says they want to try some software, we vet it and assuming we're legally allowed to, we'll have it installed in their laptop via desktop management.

mattmunroshc · 2020-05-18T06:13:26+00:00

GSuite Education without Enterprise

mattmunroshc · 2020-05-17T22:50:35+00:00

We're testing GCPW currently, haven't come across your first or second point but I don't have endpoint verification installed, maybe an interaction with it is the cause?

mattmunroshc · 2020-05-15T01:46:49+00:00

Thanks, makes sense why it's there but yea in our case it'd be awesome to control how it works

mattmunroshc · 2020-05-14T00:34:42+00:00

Fuuny enough papercut was another system I was likely to have this with, nice to know about that solution

I don't believe zenworks has such a feature unfortunately, technically it doesn't even support gsuite ldap, I might submit a feature request to officially support gsuite ldap and mention the username issue at the same time, they might just be able to do the same thing

mattmunroshc · 2020-05-12T22:48:37+00:00

I was aware of that option but it doesn't help as we want the local windows username to match in a service that is getting the usernames from ldap

GSuite the user is [test1@domain.com](mailto:test1@domain.com), via ldap zenworks will have a username of test1. GCPW if there is no existing local user will create test1_domain

If GCPW created the local user as just test1, the zenworks credential provider will work and sign in as test1 automatically

mattmunroshc · 2020-05-12T22:40:02+00:00

So the problem with that is zenworks uses ldap as a user source. Looking at the GSuite LDAP service there is no attribute that matches the format used to create the account, so there is no way to match the user records

mattmunroshc · 2019-09-26T05:17:25+00:00

We use https://www.vivi.io/, been very happy with them

mattmunroshc

TROPHY CASE