locked
Outlook 365 Trusted Platform Module error code 80090016 RRS feed

  • Question

  • This issue has been raised before but there are no valid solutions offered in previous threads.

    My situation is, we are using an AD migration tool to migrate users from one domain to another. Users in the source domain use Outlook with the UPN from their user in the target domain.  Migration tool runs which adds SIDhistory and changes the owner of the workstation profile to the user in the target domain

    When the user logs back in with his Ad account from the target domain, his profile is all good other than Outlook.  

    If the user starts outlook, it asks to do new setup, even though his email account is still there, eventually it gives and error that the ost cannot be accessed, then "something went wrong error"

    At this point, I delete the Outlook account, and start setup again, after entering email and password the message Something Went Wrong Error 80090016 TPM failure comes up
    Disabling modern auth is not an option

    Recreating user profiles is not an option 

    thanks

    Thursday, May 30, 2019 6:02 AM

All replies

  • Hi,

    The error message "Something went wrong" along with the error code 0x80090016 appears when Windows is unable to set up a PIN for your device. This is usually due to the corruption of the Ngc folder which is located in the system volume.

    Solution: Deleting the Contents of Ngc Folder.

    1. Find the path below:
      C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\
    2. Take over ownership of Ngc folder. Right-click on the folder and click Properties > Security > Advanced.
    3. Type in the username of the account that you are currently using.
    4. Afterward, click Check Names and then hit OK.
    5. Make sure that the ‘Replace owner on subcontainers and objects’ box is checked.
    6. Click Apply and then hit OK.
    7. Open up the Ngc folder and delete the all the contents of the folder.
    8. Test again.


    Hope this can be helpful.

    Regards,

    Aidan Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.


    Friday, May 31, 2019 2:28 AM
  • Thanks Aiden,

    Unfortunately this solution didn't fix the problem.  Similar error page but with different code comes up, TPM has malfunctioned, error 80090030

    Not sure if relevant but after changing the owner of the ncg folder, now the only permission is the owner user, there were some other permissions before like admins and system but they are gone now

    Other users can create a profile, and configure Outlook ok. this issue only affects the migrated user
    • Edited by Geezer32 Friday, May 31, 2019 3:17 AM
    Friday, May 31, 2019 3:15 AM
  • Hi,

    Thanks for your reply.

    I'm researching on your issue.

    Once there is any update, I will post here at the first time.

    Thanks for your understanding.

    Regards,

    Aidan Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Tuesday, June 4, 2019 9:23 AM
  • The solution for me was to rename this folder:

    C:\users\$dir\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy

    This needs to be done with the affected user logged off, i.e log on as a different admin user or do it from a network share.  the folder will get recreated when the user logs on next.

    Start Outlook, you will need to enter password again, you will get asked to workplace join again "say yes to allow my organization to manage this device"  it may still throw the 'Something went wrong, TPM error' but ignore this and Outlook should continue to load again. The TPM error will only occur once.

    I have tested this on many different affected systems with 100% success rate

    • Proposed as answer by HDTek Monday, July 15, 2019 11:51 PM
    Wednesday, June 26, 2019 2:00 AM
  • I had the same issue after migrating a user on Windows 10 using Office 354.

    I applied fix above (already had from previous domain migration) but also had to rename:

    Microsoft.AccountsControl_cw5n1h2txyewy

    It then allowed the user to logon succesfully.

    Thursday, August 8, 2019 8:02 AM
  • Thank you very much for this information. It remedied the issue for me.

    Question - can I safely delete the original folders that were renamed?

    Saturday, September 7, 2019 2:07 PM
  • Yes, you can delete them. You don't really need to rename it at all, just delete the folder, it will get recreated when the user logs in next
    Wednesday, September 11, 2019 10:01 PM
  • I am not finding an AppData folder in the LocalService folder. Any other suggested places to look?
    Friday, September 20, 2019 3:02 PM
  • Don't bother trying to locate the NGC folder, that fix doesn't work

    The folder you need to delete is:

    C:\users\<user>\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy


    Sunday, September 22, 2019 10:37 PM
  • We are running into the same issue.

    Deleting or renaming AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy or Microsoft.AccountsControl_cw5n1h2txyewy

    Does not resolve the issue for us.  

    Not sure if this is related to the fact that the original users account name/UPN is changed as well when we migrated users.

    Users can log into O365 through Web or another PC/Profile without issue.

    Only when using existing Profile that was migrated/Security Translation with ADMT are affected. Also this is only for O365 Office Desktop Client App suite.  Microsoft Teams, Power BI, FLow etc... is unaffected

    Creating a new profile for the user does solve the problem, but this is not an option for the thousands of users we are migrating.

    Tuesday, October 8, 2019 7:05 PM
  • So we have found a solution to our problem. If not previously stated this was only affecting windows 10 Machines for us.  For affect user profile that is getting error, go to windows 10 settings, Accounts, Access work or school. Remove old user account is it exists (this was not case for us). Select Connect and follow prompts for O365 credentials. Now log into O365 Office suite and TPM error no longer is an issue. 
    • Proposed as answer by Trapspringer Wednesday, October 9, 2019 8:38 PM
    Wednesday, October 9, 2019 8:38 PM
  • After many attempts of fixing this issue on a Windows 10 by changing user GPedit to evaluated permissions settings. The last step was to remove the user account under account settings. Thank you so much! 
    Wednesday, November 20, 2019 8:42 PM
  • Thank you for this tip. It really works. I've spent over 4 hours trying to fix this problem and this just did it!

    I'm very grateful!

    Thursday, January 9, 2020 5:15 AM
  • for us converting the user to shared mailbox then back to user mailbox as well as deleting the folder below resolved all our issues 

    :C:\users\<user>\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy

    to add a note when users were trying to access owa it did not work if presented an error hence the convert to shared mailbox first then deleting the file and convert back (so check if you can see emails in OWA as the user before proceeding 


    Tuesday, April 21, 2020 1:39 AM
  • I disagree, disabling modern auth by changing this registry value EnableADAL 0 should be done only as a last resort preferably never it will cause other issues with Azure and Intune.  I've seen MS reps recommending this fix when they don't seem to understand what it does

     
    Tuesday, April 21, 2020 10:37 PM
  • This error is generated when a user logs into Office 365 and Office setups the account on the PC.

    Build a new user profile.  Works but is a pain or
    Clear out the TPM chip cache (it appears some corruption is occurring which messes up the authentication)
    Or use this registry setting:
    Shut down Outlook and set the following registry key. (Disables modern authentication)
    HKCU\SOFTWARE\Microsoft\Office\16.0\Common\Identity\ REG_DWORD EnableADAL 0

    Deleting the affected user profile and removing the user from the accounts was the only solution that worked here.

    FYI You do not need to disjoin the machine from AAD.

    I agree no one should be touching that EnableADAL key.

    Monday, May 18, 2020 1:18 AM
  • j'ai le meme probleme et la solution ne fonctionne pas , j'ai supprimé les dossiers sou sle répertoire ngc puis j'ai re iniatliser ( vu dans un autre forum micorsoft ) le TPM et l'erreur persiste . je peux utiliser aucun logiciel microsoft en version bureau comdamné à utiliser les version on line en dépannage .  merci de trouver une solution au service microsoft car si un des pc de l'entreprise tous les pc et les abonnements de l'entreprise peuvent avoir le meme comportement et ce serait trés grave merci 
    Friday, July 3, 2020 7:23 AM
  • pour cela il faut activer les dossiers cachés sinon il reste invisible
    Friday, July 3, 2020 7:24 AM
  • je confirme cela ne marche pas 
    Friday, July 3, 2020 7:24 AM
  • pour ma part , j'ai essayé de supprimer la gestion materiel sur azur  en pensant qu'il gardait des codes de sécurité obsolete puisque en défaut sur la machine en question 

    ben ca marche pas non plus 

    Friday, July 3, 2020 7:26 AM
  • oj j'essaie merci
    Friday, July 3, 2020 7:27 AM
  • This solution worked for us first time. We tried first this as it is the simplest solution.

    Thanks

    Wednesday, July 8, 2020 1:11 PM
  • That is normally a hidden folder. You will need to show hidden folders in File Explorer to see it. Go tp the View tab in File Explorer and check in the box for Hidden Items.
    Wednesday, July 8, 2020 9:19 PM