Forum Discussion

DaveChomas's avatar
DaveChomas
Icon for Microsoft rankMicrosoft
Apr 08, 2019

Extensions - Chrome or Microsoft Store?

so if an extension is available on both stores, should I use the one from the MS Store?  and do I need to use the Win 10 Accounts extension to get SSO?  
Balaje_Krishnan's avatar
Balaje_Krishnan
Icon for Microsoft rankMicrosoft
Apr 08, 2019

DaveChomas - I would recommend using the extension from Microsoft Store as we have verified the extension before hosting. You shouldn't be required to use Win 10 Accounts extension for SSO as the browser should pick up your signed in account profile (AAD if corp machine) that should be used for SSO for all corp sites. Let us know if you are having any issues with respect to SSO.

  • SteveOhh's avatar
    SteveOhh
    Copper Contributor
    May 07, 2019

    Balaje_Krishnan Any updates to this?  New install, domain joined and going to portal.office.com requires me to enter name and creds. 

    • Balaje_Krishnan's avatar
      Balaje_Krishnan
      Icon for Microsoft rankMicrosoft
      May 07, 2019

      SteveOhh - let me check with my team on this again & I will get back to you.

      • Avi Vaid's avatar
        Avi Vaid
        Icon for Microsoft rankMicrosoft
        May 07, 2019

        Hey SteveOhh , you should not be receiving a cred prompt on portal.office.com. Could you help us with a repro for this?

        1. What platform are you using? If Win10, what version?

        2. What account are you signed into the browser with? (check the profile control right next to the smiley in the address bar)

        3. What version of Microsoft Edge are you running? (check edge://version)

        CC: Balaje_Krishnan

  • danny_grasso's avatar
    danny_grasso
    Brass Contributor
    Apr 10, 2019

    Balaje_Krishnan Seeing the same SSO issue where "Windows 10" Edge is not prompting for MFA (using Conditional Access and condition is domain joined computer). Edge Dev is prompting for MFA.

  • Wesley Horn's avatar
    Wesley Horn
    Copper Contributor
    Apr 09, 2019

    Balaje_Krishnan 

     

    We have used the Windows 10 Accounts extension to get Chrome to recognize machines as HybridAD joined for the purposes of Conditional Access.  However it appears that Edge doesn't properly see the endpoints as hybrid joined so they are having CA applied to them.  Adding the Windows 10 Accounts extension from the Chrome store doesn't seem to resolve the issue.

     

    Am I missing something or is this just a feature that isn't part of the new Edge yet?

     

    Thanks!

    • Eric_Lawrence's avatar
      Eric_Lawrence
      Icon for Microsoft rankMicrosoft
      Apr 16, 2019
      That's correct. At present, Edge has support for SSO using the signed-in user's profile credentials, but this does NOT provide the AAD Conditional Access device attestation. For Chrome, you'd install the extension in question.

      I'm a bit surprised to hear that this same extension isn't working for Edge itself, but rest assured that this is an area that we are actively working on.
      • Stephen Kerkmann's avatar
        Stephen Kerkmann
        Copper Contributor
        Sep 05, 2019

        Eric_Lawrence 

         

        Has this issue been resolved. Its really hard to tell. Can't find any updates on this forum. I need Edge Chromium on a hybrid joined device to be recognized by conditional access rules.  I was under the impression that this was coming but I don't see any news on this. 

         

        Does the old Chrome extension provide this capability if installed. I tested and it didn't seem that way ?

         

        Anyone have an update on this ?

Resources