Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5364
Views
6
Helpful
5
Replies

ADE & Azure AD User authentication

Go to solution
beks88_
Level 2
Level 2

‎11-03-2023 04:26 AM

Hi all,

is it now possible to use Azure AD for user authentication on SM?

The initial document still says, it's not supported (Feb 2023)

https://documentation.meraki.com/SM/Device_Enrollment/SM_Enrollment_Authentication

Another document (under User management) let us assume it is indeed supported (Jun 2022)

https://documentation.meraki.com/SM/Deployment_Guides/Apple_User_Enrollment_Deployment_Guide

In this thread this part got also a bit discussed and at this time the first document was older than the second one.

https://community.meraki.com/t5/Mobile-Device-Management/Smartphone-enrolment-Apple/m-p/160251#M9599

What is now accurate?

Systems Manager enthusiast
Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Arthur Dent
Cisco Employee
Cisco Employee

‎11-03-2023 09:08 AM

The way to achieve this is to use, one creating a NEW ADE profile, is to use the Enrollment Redirect URL

image.png

If you've got Enrollment Auth turned on and Azure Configured, then you'll get this as an option

image.png

Note: I've got OpenID connect with Azure configured, not azure natively, but it does work

View solution in original post

5 Replies 5

Go to solution
ConnorL1
Meraki Employee All-Star
Meraki Employee All-Star

‎11-03-2023 06:20 AM

Hey @beks88_ ,

During the Apple Automated Device Enrollment set-up process (i.e. when you're first setting up the device), we do not support using Azure AD and instead it'll fall back to using Meraki credentials (SM > Owners). Appreciate the different KBs make this a little confusing so I'll request some clarification is added here.

Cheers,

Connor

Go to solution
Arthur Dent
Cisco Employee
Cisco Employee

‎11-03-2023 09:08 AM

The way to achieve this is to use, one creating a NEW ADE profile, is to use the Enrollment Redirect URL

image.png

If you've got Enrollment Auth turned on and Azure Configured, then you'll get this as an option

image.png

Note: I've got OpenID connect with Azure configured, not azure natively, but it does work

Go to solution
beks88_
Level 2
Level 2
In response to Arthur Dent

‎11-04-2023 03:08 AM

I'll try this, thanks

Systems Manager enthusiast
0 Helpful

Go to solution
beks88_
Level 2
Level 2
In response to Arthur Dent

‎11-07-2023 07:09 AM

This is working fine. The only thing I'm not able to test (since I have no access to customers Azure config) is the question if groups get synced to Meraki.

The log in redirection to Microsoft works fine here. Maybe you could update the docs to match the use case since they are still misleading.

One thing to note here; the customer I tested it with has also Android Enterprise (Meraki managed) active.

Systems Manager enthusiast
0 Helpful

Go to solution
Arthur Dent
Cisco Employee
Cisco Employee
In response to beks88_

‎11-08-2023 06:50 AM

@beks88_

We support groups syncing with:

  • Azure
  • SAML and
  • AD
Customers Also Viewed These Support Documents