Using Intune when organisation has a Microsoft PKI and smartcards for Windows domain logins

Calum Steen

My organisation has had a Microsoft PKI integrated with our Active Directory, so all staff are provisioned with smartcards for login to our Windows domain. When staff are given the smartcard they get a PIN to release the credential but are not given the automatically generated AD password.

Our on-premises applications use Integrated Windows Authentication, so once on the domain they get access without a password prompt.

We have ADFS set up for federated access to Office 365, so staff only input their email to get logged into Office 365. In fact, we don't sync passwords with AD Connect.

Since we have a comprehensive single sign-on experience and staff don't know their Windows domain password, we're not sure how to start with Intune for managing Android devices.

Appreciate we need to download the Intune Company Portal app for Android, but we've not seen any guidance on enrollment when the organisation has PKI & smartcards for Windows domain authentication.

1 Reply

Re: Using Intune when organisation has a Microsoft PKI and smartcards for Windows domain logins

I believe what you want to do is Certificate-based authentication (CBA):

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-certificate-based-authentic...

As you can see, Microsoft Intune Company Portal is not listed. If it does work, it may not be supported by Microsoft.

I know Intune will deploy all the needed certs to the devices for this to work, as stated in the UserVoice link. I would also create your own feedback in UserVoice, as this seems like a major requirement for your organization.

https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/9926163-a-document-on-how-to-u...
