05-18-2022 09:31 AM
Hello,
Since upgrading to AnyConnect 4.10.05095 we've found that our Windows clients no longer report device information as part of the SAML sign-in process which causes them to fail Conditional Access policies that require a domain-joined or InTune compliant device check. Users instead get an error that they are attempting to access a resource that requires a domain-joined device from a personal device and are unable to complete the SAML sign-in.
Looking at the Azure AD sign-in logs we can see the upgraded clients don't show the Device ID or information about the device state beyond a generic Edge User Agent. For comparison devices using previous versions of AnyConnect show the Azure AD Device ID and information about the device. This seems to be related to a setting in the implementation of the WebVew2 component as is documented here: https://github.com/MicrosoftEdge/WebView2Feedback/issues/550
For now we've reverted to using the registry key workaround documented in the AnyConnect release notes for 4.10.05095 but this is a pain to deploy and I'm not certain it will continue to operate as Microsoft phases out IE 11.
Has anyone been able to get WebView 2 working with device-based Conditional Access?
Thanks!
Solved! Go to Solution.
05-24-2022 10:04 AM
This issue will be resolved in the next release of AnyConnect. For now the registry key must be used.
05-18-2022 10:57 AM
Please check your private messages regarding this issue.
Thanks,
Steve S.
05-18-2022 02:10 PM
We are having the same exact issue in our environment. Can you share the resolution for this?
05-24-2022 10:04 AM
This issue will be resolved in the next release of AnyConnect. For now the registry key must be used.
06-09-2022 10:49 AM
Any insight on when that fixed version will be available?
Thanks,
Paul
06-09-2022 12:46 PM
This was just posted to CCO. version 4.10.05111
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide