Error Code 0x8004de40 when signing in to OneDrive

Symptoms

When you sign in to Microsoft OneDrive, you receive the following error message: 

OneDrive Can't sign in. Error 0x8004de40

Login was either interrupted or unsuccessful. Please try logging in again. (Error Code: 0x8004de40)

Error Code 0x8004de40 indicates OneDrive is having trouble connecting to the cloud. 

Resolution

First, verify that you are connected to the internet. If the affected device is not connected, see Fix Wi-Fi connection issues in Windows.

Make sure that you carefully review information about TLS deprecation. That change might also cause this error.

If the device is connected to the internet and TLS has been updated, continue to the following steps based on the version of Windows that the device is running.

Windows 10

Solution 1: Check cipher suites settings

Even after you upgrade to TLS 1.2, it's important to make sure that the cipher suites settings match Azure Front Door requirements, because Microsoft 365 and Azure Front Door provide slightly different support for cipher suites.

For TLS 1.2, the following cipher suites are supported by Azure Front Door:

  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

To add cipher suites, either deploy a group policy or use local group policy as described in Configuring TLS Cipher Suite Order by using Group Policy.

Important

Edit the order of the cipher suites to ensure that these four suites are at the top of the list (the highest priority).

Alternatively, you can use the Enable-TlsCipherSuite cmdlet to enable the TLS cipher suites. For example, run the following command to enable a cipher suite as the highest priority:

Enable-TlsCipherSuite -Name "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" -Position 0

This command adds the TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 cipher suite to the TLS cipher suite list at position 0, which is the highest priority.

Important

After you run Enable-TlsCipherSuite, you can verify the order of the cipher suites by running Get-TlsCipherSuite. If the order doesn't reflect the change, check if the SSL Cipher Suite Order Group Policy setting configures the default TLS cipher suite order.

For more information, see What are the current cipher suites supported by Azure Front Door?.

Solution 2: Check TLS protocols

Use the following steps:

  1. Press Windows logo key+R to open the Run window.
  2. Type inetcpl.cpl, and press Enter.
  3. Navigate to the Advanced tab, and enable all three TLS protocols by selecting the check boxes for the TLS 1.0, TLS 1.1, and TLS 1.2 options.
  4. Select Apply and then OK to save the changes.

Solution 3: Restart the device

Restart the device while it is connected to your Azure Active Directory (Azure AD) domain. If that doesn’t fix the problem, unjoin your device from Azure AD and rejoin it, by using the following steps.

Important

You must be connected to your organization’s network when you do these steps. Don’t do these steps if you aren’t connected to your organization’s infrastructure (for example, while traveling).

  1. Open an elevated Command Prompt window. To do this, select Start, right-click Command Prompt, and then select Run as administrator.
  2. Type dsregcmd /leave, and press Enter.
  3. After the command runs, type dsregcmd /join, and press Enter.
  4. After the command runs, close the Command Prompt window.
  5. Restart the computer, and log in to OneDrive.

Windows 8, Windows 7 or Windows Server 2012/2008 R2(SP1)

If you're using Windows 8, Windows 7 Service Pack 1 (SP1), Windows Server 2012 or Windows Server 2008 R2 SP1, see the following solutions.

If none of these solutions fix the issue, consider checking the cipher suite settings and order. For more information, see Solution 1 in the Windows 10 section.

All computers

If you have completed all the previous steps, consider doing a reset of OneDrive.

References