Forum Discussion
Custom User Agent Strings
Russell Meyer Are you referring to the Enterprise Mode and the Enterprise Mode Site List? My understanding was in IE11 the list was used to determine the compatibility mode for a site but not the UA String or maybe there is another IE Policy 🙂
I'm not sure which browser your organization is currently using but websites developed for IE should work in Microsoft Edge through IE mode. Since it sounds like you are having a compatibility issue please feel free to reach out to the App Assure team for remediation assistance (ACHELP@microsoft.com) and help with your specific scenario. Thanks!
-Kelly
We are trying to get folks over to MS Edge Chromium, and we do leverage IE Compatibility XMLs for legacy sites that are still transitioning...This issue is we want to continue to leverage edge but with select MS Applications like ADFS, we need to inject a custom string so that it will force forms based auth...now I know you mentioned IE compatibility XML, yes we can put the adfs server in that however due to the engine flipping back and forth it looses the auth and identity so we have to put all sites for exchange online and other 365 sites in the IE XML which is not ideal as we lose features...I recognize this is an edge case (no pun intended) but I have been asking MS for some time (few years and cases) and have yet to get an answer on user agent strings future...ideally this could be also solved if the ADFS would allow a way to force select groups to forms based auth (again multiple cases and years)
- Kelly_YDec 06, 2021Microsoft
Russell Meyer Sounds like it's been a while you've been chasing down these issues. Somethings that might help with authentication if you are moving over to Microsoft Edge and using IE mode is configuring neutral sites or using cookie sharing.
Here is some documentation:
- https://docs.microsoft.com/en-us/deployedge/edge-ie-mode-sitelist#configure-neutral-sites
- https://docs.microsoft.com/en-us/deployedge/edge-ie-mode-faq#incomplete-neutral-site-configurations
- https://docs.microsoft.com/en-us/deployedge/edge-ie-mode-add-guidance-cookieshare
And like I mentioned, if you need help with your issue the App Assure team https://aka.ms/AppAssure can help with your problem.
-Kelly
- Russell MeyerDec 06, 2021Brass ContributorWe leverage the neutral sites for a few web apps in similar situation where the token is generated on site 123.vendor.com and then goto 456.vendorportal.com
just seems like I am doing alot of work for something in IE we could easily control...let me see what I can do with cookies and adfs, but on the surface it appears I need to know the cookie name- Russell MeyerDec 07, 2021Brass Contributorwell going through debug I think I have found something...but will take some time...I believe the tokens are userid,ohpauth,ohptoken
- Russell MeyerDec 07, 2021Brass Contributorso did the cookie thing and that worked! however there appears to be a delay when loading IE mode and user agent strings...I have a GPO that specifies the useragent string for IE...initial page load in IE tosses edge UserAgent info, but upon refresh it shows correct info...going to test canary and beta builds
- Kelly_YDec 07, 2021Microsoft
Russell Meyer Are you on v96? The team is tracking an issue starting in v96 involving IE mode and the wrong UA String. Other customers have mentioned after refreshing it fixes the UA string.
For a little background, it appears the introduction of the InternetExplorerIntegrationComplexNavDataTypes policy might be a factor. One work around suggested is disabling the InternetExplorerIntegrationComplexNavDataTypes policy (set to 0).
In case you are running into this issue, we can keep you updated about the fix they are working on.
-Kelly