Forum Discussion

DaveChomas's avatar
DaveChomas
Icon for Microsoft rankMicrosoft
Apr 08, 2019

Extensions - Chrome or Microsoft Store?

so if an extension is available on both stores, should I use the one from the MS Store?  and do I need to use the Win 10 Accounts extension to get SSO?  
Wesley Horn's avatar
Wesley Horn
Copper Contributor
Apr 09, 2019

Balaje_Krishnan 

 

We have used the Windows 10 Accounts extension to get Chrome to recognize machines as HybridAD joined for the purposes of Conditional Access.  However it appears that Edge doesn't properly see the endpoints as hybrid joined so they are having CA applied to them.  Adding the Windows 10 Accounts extension from the Chrome store doesn't seem to resolve the issue.

 

Am I missing something or is this just a feature that isn't part of the new Edge yet?

 

Thanks!

Eric_Lawrence's avatar
Eric_Lawrence
Icon for Microsoft rankMicrosoft
Apr 16, 2019
That's correct. At present, Edge has support for SSO using the signed-in user's profile credentials, but this does NOT provide the AAD Conditional Access device attestation. For Chrome, you'd install the extension in question.

I'm a bit surprised to hear that this same extension isn't working for Edge itself, but rest assured that this is an area that we are actively working on.
  • Stephen Kerkmann's avatar
    Stephen Kerkmann
    Copper Contributor
    Sep 05, 2019

    Eric_Lawrence 

     

    Has this issue been resolved. Its really hard to tell. Can't find any updates on this forum. I need Edge Chromium on a hybrid joined device to be recognized by conditional access rules.  I was under the impression that this was coming but I don't see any news on this. 

     

    Does the old Chrome extension provide this capability if installed. I tested and it didn't seem that way ?

     

    Anyone have an update on this ?

    • Wesley Horn's avatar
      Wesley Horn
      Copper Contributor
      Sep 05, 2019

      Stephen Kerkmann 

       

      This works for me.  But you have to log into Edge with your AAD account that is subject to the conditional access.  If you log in with any other account it won't work.

       

      You don't need the extension either, as I don't and it works fine.

      • Stephen Kerkmann's avatar
        Stephen Kerkmann
        Copper Contributor
        Sep 06, 2019

        Wesley Horn 

         

        Got it. Yes that worked. Has the requirement for login to edge been debated. That seems like it might be extra work to rollout or communicate in an enterprise environment ? 

         

        Thanks again.

         

        Stephen

Resources