4/8/2024 0 Comments Unisntall mangal font 0365![]() ![]() I just love the “Connected to Windows” text. SSO login experience using Microsoft Enterprise plug-in for Authenticator app on Apple iOS You should see the following type of SSO login prompt when accessing the Office 365 Portal. So, now if you have confirmed that your device has received the configuration profile and the cache in Safari is cleared. Testing this should be simple, right? So in this example, you will use the good old Office 365 portal: in Safari for iOS to test if you got Single Sing-On to work.īut before you rush off to test, please make sure that you don’t have any cached credentials, because that would just defeat the purpose! This guide from Apple support should get you sorted out. Now, you will either have to wait for your device to do a policy refresh or use one of the many options to force a sync, which is not the subject of this blog post. You have completed all the required steps to enable Microsoft Enterprise SSO plug-in for Apple Devices through Intune! Reviewing profile setting in Microsoft Endpoint Manager Intune Review the Summary section, to confirm every detail that you just entered is there.Verify that the groups you selected are in the “ Selected items” area.Īssigning a profile to selected groups using MEM Intune.Search for and select the groups you wish to assign the profile to.Click on “ + Select groups to include“.If you select anything other than “ Selected groups“, you can skip to the next section. Select whom to assign this profile to.NB: Copy-pasting might not make the Intune validator happy, so if it complains, type a letter after the text you pasted and delete it again.Ĭonfiguring the “Single sign-on app extension” for apple device features in Microsoft Endpoint Manager Intune Step 3 Assign the policy to your pilot users group Add the Key “ disable_explicit_app_prompt” as Type “ Integer” with a value of “ 1” in the Additional configuration area to suppress credential prompts in some apps.Add the Key “ browser_sso_interaction_enabled” as Type “ Integer” with a value of “ 1” in the Additional configuration area to enable the plug-in for all webpages.You might only need some of the URL’s if you are not in a special tenant, but you can add them all if you like. Add the Microsoft SSO URL’s to the “ URLs” list.Fill out the Extension ID field with “ “.Select the SSO app extension type “ Redirect.”.Expand the “ Single sign-on app extension” accordion item.Please pay special attention to the fact that we are configuring the “ Single sign-on app extension” and not the “Single Sign On” feature. My example uses: Configured according to Michael Mardahl’s blog post (and then the link to this article.)Ĭonfiguring a device features profile with Microsoft Endpoint Manager Intune Step 2: Configuring the SSO App extension feature (Optionally) fill out the “ Description” field.My example uses: Enable Microsoft Enterprise SSO plug-in for Apple iOS. How to create a new device features profile How to get to the iOS device list in Microsoft Endpoint Manager Intune Step 1: Creating a device feature profile You can replace the mentions of iOS with macOS throughout the steps below, and some of the data you need to enter is different, but you can get instructions on that from this link: Suppose you want to target the macOS platform instead. To enable the plug-in using Microsoft Endpoint Manager Intune, you will go to the MEM portal at. The SSO feature must be enabled through a device feature policy pushed from the organization that the device is enrolled in.The device must be enrolled with Intune or another MDM.The latest version of the Microsoft Authenticator app with your identity configured.iOS 13 is the minimum OS version supported.The Enterprise SSO plug-in bundled with the Microsoft Authenticator App has a few requirements that must be taken into account. UPDATE: If your Teams client starts acting strange, try removing your device from being targeted by this policy and reboot the phone. UPDATE: This now works in preview for macOS target macOS instead of iOS/iPadOS. This blog post will explain how to enable the feature through Microsoft Endpoint Manager Intune, making it a breeze to implement. ![]() The Microsoft Enterprise SSO plug-in for Apple devices provides single sign-on (SSO) for Azure Active Directory (Azure AD) accounts across all applications that support Apple’s Enterprise Single Sign-On feature. But with the new (public preview) SSO plug-in for the Microsoft Authenticator App, this all changes. Microsoft Enterprise Single Sign-On, also known purely as SSO, has up until now, been limited on Apple iOS/macOS devices.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |