VMware Workspace ONE Community
dragan979
Enthusiast
Enthusiast
‎04-27-2020 09:37 AM
Jump to solution

Outlook - application configuration

Enrollment type: Work managed device

Capture.PNG

I tried to auto-configure outlook as described here

I can't see "key:value" pair

AD user is NOT synchronized with Office 365

Email is specified in email field in AD user properties

Capture.PNG

AD connector:

what-is-a-content-management-system-1.png

I Configured outlook as below, but again, user us prompted to enter email address, is it possible to auto-configure outlook for on enrolled device ?

Capture.PNG

1 Solution

Accepted Solutions
rterakedis
VMware Employee
VMware Employee
‎04-27-2020 10:26 PM
Jump to solution

dragan979​ -- If i'm following this correctly, what you're saying is you have On-Premises AD, and O365, but they are not synchronized.  This basically means you have two distinct forests.   The key here is to understand which directory is being used as the source of record to sync in "user" details into Workspace ONE.   I'm going to assume you've connected Workspace ONE to your on-premises AD, which means your user attributes may not have the same values as your user attributes in Azure AD (backing O365).

The only way you'll be able to potentially get this working is if there is overlap between the user's attributes in AAD and On-Premises AD.   In other words, if you run Get-AzureADUser ​on the user's account and look at the LDAP values (userprincipalname, email, username, etc), does that match any of the values being pulled in from the on-premises AD which can be specified as a lookup value?  

Sidenote:   Microsoft has documented the App Configuration settings for iOS and Android in much greater detail recently:   Deploying Outlook for iOS and Android app configuration settings | Microsoft Docs

Hope that helps clear things up.

Rob

View solution in original post

7 Replies
chengtmskcc
Expert
Expert
‎04-27-2020 09:57 AM
Jump to solution

For username, try {UserPrincipalName}.

dragan979
Enthusiast
Enthusiast
‎04-27-2020 10:16 AM
Jump to solution

No, userprincipal name is NOT email address, it's  local AD domain name,format first.name@domain.local

Users have email address specified in email field in AD user properties

0 Kudos
chengtmskcc
Expert
Expert
‎04-27-2020 10:21 AM
Jump to solution

This is how mine was configured, and we utilize Workspace ONE Access for Modern Auth so password is not required. However, I wouldn't imagine your and my AD is much different in terms of email address configuration.

pastedImage_0.png

dragan979
Enthusiast
Enthusiast
‎04-27-2020 10:24 AM
Jump to solution

If you're using on-premise exchange, then it makes sense, but we're using separate Office 365 account (not related to AD accounts), they're not synchronized, but i noticed you specified modern auth, we'll give it a try

Thanks a lot.

0 Kudos
rterakedis
VMware Employee
VMware Employee
‎04-27-2020 10:26 PM
Jump to solution

dragan979​ -- If i'm following this correctly, what you're saying is you have On-Premises AD, and O365, but they are not synchronized.  This basically means you have two distinct forests.   The key here is to understand which directory is being used as the source of record to sync in "user" details into Workspace ONE.   I'm going to assume you've connected Workspace ONE to your on-premises AD, which means your user attributes may not have the same values as your user attributes in Azure AD (backing O365).

The only way you'll be able to potentially get this working is if there is overlap between the user's attributes in AAD and On-Premises AD.   In other words, if you run Get-AzureADUser ​on the user's account and look at the LDAP values (userprincipalname, email, username, etc), does that match any of the values being pulled in from the on-premises AD which can be specified as a lookup value?  

Sidenote:   Microsoft has documented the App Configuration settings for iOS and Android in much greater detail recently:   Deploying Outlook for iOS and Android app configuration settings | Microsoft Docs

Hope that helps clear things up.

Rob

dragan979
Enthusiast
Enthusiast
‎04-28-2020 12:04 AM
Jump to solution

Yes, you're right, i synchronized on-premise Active Directory,

unfortunately, there is no exact match in properties when comparing in powershell

Get-ADUser vs Get-AzureADuser

Userpincipalname has nearest match

user@example.local vs use@example.com, in on-prem AD, userprincipalname can be switched to example.com, we'll give it a try.

Big thanks !

0 Kudos
dragan979
Enthusiast
Enthusiast
‎04-28-2020 12:46 AM
Jump to solution

It seems it's working now, in On-premise AD, changed UPN from domain.local to domain.com and it worked.

Thanks a lot !