Enrollment type: Work managed device
I tried to auto-configure Outlook as described here
I can't see a "key:value" pair
AD user is NOT synchronized with Office 365
Email is specified in email field in AD user properties
AD connector:
I configured Outlook as below, but again, the user is prompted to enter an email address. Is it possible to auto-configure Outlook on an enrolled device?
dragan979 -- If I'm following this correctly, what you're saying is you have On-Premises AD, and O365, but they are not synchronized. This basically means you have two distinct forests. The key here is to understand which directory is being used as the source of record to sync in "user" details into Workspace ONE. I'm going to assume you've connected Workspace ONE to your on-premises AD, which means your user attributes may not have the same values as your user attributes in Azure AD (backing O365).
The only way you'll be able to potentially get this working is if there is overlap between the user's attributes in AAD and On-Premises AD. In other words, if you run Get-AzureADUser on the user's account and look at the LDAP values (userprincipalname, email, username, etc), does that match any of the values being pulled in from the on-premises AD which can be specified as a lookup value?
Sidenote: Microsoft has documented the App Configuration settings for iOS and Android in much greater detail recently: Deploying Outlook for iOS and Android app configuration settings | Microsoft Docs
Hope that helps clear things up.
Rob
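The attribute comparison described in the reply above, as an added example that is not part of the original thread or of any VMware or Microsoft tooling. The function name `Compare-SignInAttribute` is hypothetical and the two user objects are constructed sample data; the comments show which cmdlets would supply them from live directories.

```powershell
# Constructed sample objects. Against live directories they would come from:
#   $onPrem = Get-ADUser -Identity <sAMAccountName> -Properties mail, proxyAddresses
#   $cloud  = Get-AzureADUser -ObjectId <cloud UPN>
$onPrem = [pscustomobject]@{
    SamAccountName    = 'jdoe'
    UserPrincipalName = 'jdoe@example.local'
    mail              = 'john.doe@example.org'
    proxyAddresses    = @('SMTP:john.doe@example.org')
}
$cloud = [pscustomobject]@{ UserPrincipalName = 'jdoe@example.com' }

# Hypothetical helper: reports, per on-prem attribute, whether its value equals the
# cloud sign-in name exactly, differs only in the domain suffix, or does not match.
function Compare-SignInAttribute {
    param(
        [Parameter(Mandatory)] $OnPremUser,
        [Parameter(Mandatory)] [string] $CloudSignIn
    )
    $target = $CloudSignIn.ToLower()
    $targetLocal, $targetDomain = $target -split '@', 2
    foreach ($name in 'UserPrincipalName', 'mail', 'SamAccountName', 'proxyAddresses') {
        foreach ($raw in @($OnPremUser.$name)) {
            if (-not $raw) { continue }
            # proxyAddresses entries carry an "smtp:" / "SMTP:" prefix
            $value = ($raw -replace '^smtp:', '').ToLower()
            $localPart, $domainPart = $value -split '@', 2
            $result = if ($value -eq $target) {
                'Exact'
            } elseif ($domainPart -and $localPart -eq $targetLocal) {
                'SuffixDiffers'   # same name, different domain (e.g. .local vs .com)
            } else {
                'NoMatch'
            }
            [pscustomobject]@{
                Attribute = $name
                OnPrem    = $value
                Cloud     = $target
                Result    = $result
            }
        }
    }
}

Compare-SignInAttribute -OnPremUser $onPrem -CloudSignIn $cloud.UserPrincipalName |
    Format-Table -AutoSize
```

An `Exact` row identifies an on-premises attribute that can serve as the lookup value; a `SuffixDiffers` row on `UserPrincipalName` means the on-premises UPN suffix is the only thing separating the two directories.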
For username, try {UserPrincipalName}.
No, userprincipalname is NOT the email address, it's the local AD domain name, format first.name@domain.local
Users have email address specified in email field in AD user properties
This is how mine was configured, and we utilize Workspace ONE Access for Modern Auth so a password is not required. However, I wouldn't imagine your AD and mine are much different in terms of email address configuration.
If you're using on-premise Exchange, then it makes sense, but we're using a separate Office 365 account (not related to AD accounts), they're not synchronized, but I noticed you specified modern auth, we'll give it a try
Thanks a lot.
Yes, you're right, I synchronized on-premise Active Directory,
unfortunately, there is no exact match in properties when comparing in PowerShell
Get-ADUser vs Get-AzureADUser
Userprincipalname has the nearest match
user@example.local vs use@example.com, in on-prem AD, userprincipalname can be switched to example.com, we'll give it a try.
Big thanks!
It seems it's working now: in on-premise AD, I changed the UPN from domain.local to domain.com and it worked.
Thanks a lot!