1. Home
  2. Knowledge Base
  3. Cloud-Hosted Server
  4. Azure Active Directory
  5. Can’t Sign in through Microsoft: “Necessary sites are not trusted”

Can’t Sign in through Microsoft: “Necessary sites are not trusted”

If you receive the error that the “Necessary sites are not trusted” when attempting to sign in via Microsoft authentication, that means the sites required for Azure SSO are not in the trusted site zones. The computers will need to be able to reach Microsoft in order to use the Azure Active Directory authentication.


These are the necessary sites:


If you are the system’s administrator, you should be able to add the needed sites to the group policy objects to allow them on every computer and user in their domain in a few clicks.

You can also add the sites to the local internet on a single computer by running the following Powershell Script:

# Set the Azure AD Trusted sites in the registry
Set-Location “HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings”
Set-Location ZoneMap\Domains

New-Item login.microsoftonline.com/ -Force
Set-Location login.microsoftonline.com/
New-ItemProperty . -Name https -Value 2 -Type DWORD -Force

New-Item aadcdn.msftauth.net/ -Force
Set-Location aadcdn.msftauth.net/
New-ItemProperty . -Name https -Value 2 -Type DWORD -Force

Was this article helpful?

Related Articles

Need Support?

Can't find the answer you're looking for?
Contact Support