Using Intune when the organisation has a Microsoft PKI and smartcards for Windows domain logins


My organisation has had a Microsoft PKI integrated with our Active Directory, so all staff are provisioned with smartcards for login to our Windows domain. When staff are given the smartcard they get a PIN to release the credential, but are not given the automatically generated AD password.

Our on-premises applications use Integrated Windows Authentication, so once on the domain they get access without a password prompt.

We have ADFS set up for federated access to Office 365, so staff only input their email to get logged into Office 365. In fact, we don't sync passwords with AD Connect.

Since we have a comprehensive single sign-on experience and staff don't know their Windows domain password, we're not sure how to start with Intune for managing Android devices.

We appreciate that we need to download the Intune Company Portal app for Android, but we've not seen any guidance on enrollment when the organisation has a PKI and smartcards for Windows domain authentication.

1 Reply

I believe what you want to do is Certificate-based authentication (CBA):

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-certificate-based-authentic...

As you can see, Microsoft Intune Company Portal is not listed. If it does work, it may not be supported by Microsoft.

I know Intune will deploy all the needed certs to the devices for this to work, as stated in the UserVoice link. I would also create your own feedback in UserVoice, as this seems like a major requirement for your organization.

https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/9926163-a-document-on-how-to-u...
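One check worth running before trying CBA with the existing smartcard certificates, added here as an example and not taken from the thread or from Microsoft's documentation: Azure AD CBA maps a certificate to a user through the UPN carried in the certificate's Subject Alternative Name, either as a Principal Name (the Microsoft UPN otherName, OID 1.3.6.1.4.1.311.20.2.3) or as an RFC822 Name (email), so the certificates the on-premises PKI issues need to carry the user's Azure AD UPN there. The script below builds a throwaway self-signed certificate of that shape with OpenSSL and checks its SAN the way CBA would. The user `jane.doe@contoso.com`, the temporary file names and the `make_test_cert` / `cert_maps_to_upn` helpers are all constructed for the demo; nothing here touches a real CA or tenant.

```shell
#!/bin/sh
# Added example (not code from the thread): build a throwaway self-signed
# user certificate whose SAN carries a UPN, then check that the SAN maps to
# the Azure AD UPN the way certificate-based authentication expects.
set -e

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT
UPN="jane.doe@contoso.com"      # constructed test user, not a real tenant

# Write an OpenSSL config that puts the UPN in the SAN in both forms Azure AD
# CBA can map to a user: Principal Name (otherName with the Microsoft UPN OID
# 1.3.6.1.4.1.311.20.2.3) and RFC822 Name (email). The EKU list adds the
# Smart Card Logon OID (1.3.6.1.4.1.311.20.2.2) next to clientAuth so the
# certificate looks like a smartcard logon certificate. Self-signed on
# purpose: this is a test artefact, not something a CA issued.
make_test_cert() {
    upn=$1; out=$2
    cat > "$out.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions    = v3_user
prompt             = no
[dn]
CN = Test User
[v3_user]
subjectAltName   = otherName:1.3.6.1.4.1.311.20.2.3;UTF8:$upn,email:$upn
extendedKeyUsage = clientAuth,1.3.6.1.4.1.311.20.2.2
keyUsage         = digitalSignature
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -keyout "$out.key" -out "$out.pem" -config "$out.cnf" 2>/dev/null
}

# Return 0 when the certificate's SAN carries $2 as a Principal Name or an
# RFC822 Name, i.e. when Azure AD CBA would map the certificate to that UPN.
cert_maps_to_upn() {
    cert=$1; upn=$2
    # The SAN is printed on the line after the extension header; a trailing
    # ", " is appended so each entry can be matched as a whole value.
    san="$(openssl x509 -in "$cert" -noout -text \
           | grep -A1 'Subject Alternative Name' | tail -n 1), "
    case "$san" in
        *"UPN::$upn, "*|*"email:$upn, "*) return 0 ;;
    esac
    # OpenSSL 1.1.x prints the Microsoft UPN otherName as "<unsupported>", so
    # fall back to the raw ASN.1 and look for the UTF8String holding the UPN.
    openssl x509 -in "$cert" -outform DER \
        | openssl asn1parse -inform DER \
        | grep -q "UTF8STRING *:$upn\$"
}

make_test_cert "$UPN" "$WORK/jane"
echo "SAN of the test certificate:"
openssl x509 -in "$WORK/jane.pem" -noout -text | grep -A1 'Subject Alternative Name'
if cert_maps_to_upn "$WORK/jane.pem" "$UPN"; then
    echo "OK: certificate maps to $UPN"
else
    echo "FAIL: no SAN entry for $UPN"
fi
```

To run the same check against a real smartcard certificate, export it from the card and pass it to `cert_maps_to_upn` (convert a DER `.cer` first with `openssl x509 -inform DER -in user.cer -out user.pem`), giving the user's Azure AD UPN as the second argument; a mismatch between the on-premises UPN suffix and the federated domain in Azure AD is the usual reason CBA fails for an otherwise valid smartcard certificate. The check accepts either SAN form because OpenSSL 1.1.x cannot print the Principal Name, which is why the asn1parse fallback is there. Two further CBA prerequisites sit outside this script: the issuing CA chain has to be configured as a trusted certificate authority in Azure AD, and the CRL distribution point named in the certificates has to be reachable from the internet.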