I have an on-premises Workspace ONE install that's currently integrated with Active Directory. Admins can sign into the console using their "domain\username" credentials and users can enroll their phone using the same. I also have groups syncing from AD.
I want to make this more secure by using Azure AD for authentication instead so MFA can be utilised since everything is obviously accessible over the internet. However, I can't see any solid info on converting from one sign in method to the other.
Currently I've followed the guides up to the point of changing the Directory Type to None. At this stage, if I go to the SSO sign in URL "https://domain/AirWatch/Login?gid=ID" I get taken to the Azure AD sign in process and then I'm taken back to the Workspace ONE sign in page where currently, no non-local credentials will work past that point. So it seems to almost be working without changing the directory type to None.
Has anyone else done this before?