We have completed two methods of integration with Azure AD customers only: 1) Made use of the customer's existing Azure IaaS environment and dumped a Cloud Connector in there, which in turn talked to an AD server with the same Azure IaaS environment. 2) Recently made use of LDAPS that was set up in Azure AD; Workspace ONE UEM is then connected to Azure AD. *Present issue with this: group synchronization is not working correctly; groups can be searched, but users in groups are not sync'd.*
Azure Only integration has worked for me. Unfortunately, VMware doesn't have a proper guide as to how you do it but maybe I can help.
I also wanted to advise that due to iOS restrictions, this wouldn't work with DEP. I have confirmed with my colleague with Apple that federated access through DEP won't be available through ABM soon. This, however, is already available through ASM.
If you are using Samsung Devices, this should work with KNOX KME (Android Enterprise setup). During the initial setup, it will redirect you to the Microsoft login page. I can give you access to the portal I have set up so that you can have a look and see.
You do not need AAD with this or any local AD integration unless you want security groups synced.
Hey there Greg. Wondering if you can provide some guidelines on how you got AAD Only configured in WS1. I'm in a siloed environment, so the more info on the Azure pre-reqs and config that you can provide the better. I'll likely have to provide some guidance to the Azure team to describe what I need when coordinating this.