VMware Workspace ONE Community
MattWilliamsMat
Contributor

Migrating from AD authentication to Azure AD

I have an on-premises Workspace ONE install that's currently integrated with Active Directory. Admins can sign into the console using their "domain\username" credentials and users can enroll their phone using the same. I also have groups syncing from AD.

I want to make this more secure by using Azure AD for authentication instead so MFA can be utilised since everything is obviously accessible over the internet. However, I can't see any solid info on converting from one sign in method to the other.

Currently I've followed the guides up to the point of changing the Directory Type to None. At this stage, if I go to the SSO sign in URL "https://domain/AirWatch/Login?gid=ID" I get taken to the Azure AD sign in process and then I'm taken back to the Workspace One sign in page where currently, no non-local credentials will work past that point. So it seems to almost be working without changing the directory type to None.

Has anyone else done this before?

JosueNegron
VMware Employee

So it sounds like you are using SAML integration to integrate with AAD. If that's the case, you will want to ensure that the username attribute is sent in the exact same format that the username uses today: Domain\username. You are likely sending a different format.
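
A diagnostic sketch for the format mismatch described in the reply above, added here as an example and not part of either post or of any VMware tooling: it lists the NameID and attribute values in an already base64-decoded SAML assertion and flags which one, if any, exactly equals the username the console holds today. The sample assertion, the `uid` attribute name and the `EXAMPLE\jdoe` account are constructed assumptions.

```python
import re
import xml.etree.ElementTree as ET  # use defusedxml for XML you did not construct

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion; every value here is made up for illustration.
SAMPLE_ASSERTION = r"""<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID>jdoe@example.com</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="uid">
      <saml:AttributeValue>EXAMPLE\jdoe</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def classify(value):
    """Name the username format a claim value is written in."""
    if re.fullmatch(r"[^\\@\s]+\\[^\\@\s]+", value):
        return "domain\\username"
    if re.fullmatch(r"[^\\@\s]+@[^\\@\s]+", value):
        return "user@domain"
    return "other"


def report(assertion_xml, enrolled_username):
    """Return (claim, value, format, exact_match) for NameID and each attribute."""
    root = ET.fromstring(assertion_xml)
    claims = []
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is not None and name_id.text:
        claims.append(("NameID", name_id.text.strip()))
    for attr in root.iterfind(".//saml:Attribute", NS):
        for val in attr.iterfind("saml:AttributeValue", NS):
            if val.text:
                claims.append((attr.get("Name"), val.text.strip()))
    return [(c, v, classify(v), v == enrolled_username) for c, v in claims]


if __name__ == "__main__":
    # Compare each claim against the username format the console uses today.
    for row in report(SAMPLE_ASSERTION, r"EXAMPLE\jdoe"):
        print(row)
```

If no row shows an exact match, the identity provider is not sending any claim in the stored format, which is the condition the reply points to.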