Hi,
I am trying to set up Azure AD join to test device management with Intune and was wondering if anyone has pointers on setting this up?
We are using ISAM as the IDP and Azure AD as the SP - Per Microsoft documentation, the IDP should support both WS-Trust and WS-Fed protocols:
- WS-Fed: This protocol is required to join a device to Azure AD.
- WS-Trust: This protocol is required to sign in to an Azure AD joined device.
We had a SAML federation for SSO with Azure AD which I modified to use WS-Federation. SSO now works with Azure AD when I authenticate with a browser.
The next step is to sign in on Windows 10 using this configuration. After entering my Azure AD email address in the Windows login screen, I get the following error message:
"We can't open that page right now. For security reasons, you'll need to visit that page from a browser or a different device."
Windows correctly identifies the IDP sign-on URL, so I think I'm missing WS-Trust configuration on ISAM.
Thanks,
------------------------------
sudhir kapu
------------------------------