Jul 12 2017 06:21 AM
We are using Okta for sign in to our environment. We've just gotten our first Surface Hub and it's all configured and updated to current 1703 version. The problem is that when we try to have a user sign on we hit Okta and it sits and spins. Fortunately the account I set up as the resource acount is using domain.onmicrosoft.com so that account atleast works. My initial outreach to Okta is that Surface Hub is not supported. Further testing with my normal Win10 PC also flops on trying to sign on to any of the Office Mobile apps, this is actually the first time I tried it since we've not had a need to use the mobile apps in our environment (everyone's got the full suite installed). If anyone out there is an Okta user and knows if there is a fix / work around I would sure appreciate knowing how to get past this.
Jul 16 2017 07:56 PM
Jul 17 2017 08:14 AM
Yes, we've discovered that works, I'm wondering if it's something to do with our internal Okta server not set up for HTTPS authentication. I have the same problem with my non domain joind windows 10 pc and the word/excel/ppt apps.
Jul 19 2017 09:50 AM
It's probably best to troubleshoot with a Win 10 PC with the Office Suite and SfB installed. Once you get that working, Surface Hub should work as well.
Aug 15 2017 06:29 AM
We had to make some registry settings for the Okta authentication to work internally (EnableAdal = 1 ao) I'm trying to find out how to make those settings on the SurfaceHub
Aug 16 2017 05:19 AM
There are remote management options if you have an MDM solution, but I don't see anything in there about ADAL. Maybe in the future?
https://docs.microsoft.com/en-us/surface-hub/manage-settings-with-mdm-for-surface-hub
Jan 08 2018 09:08 AM
Yes, we ran into the same issue with both the Surface Hub and internal Win10 users.
It's a known issue and easily remedied changing your IWA server(s) to HTTPS/SSL.
Jan 23 2018 06:12 PM
What is the new user experience? Are you double prompted for creds when you sign in? Once with a Windows Auth grey box followed by an OKTA sign in web page?
Jan 27 2018 09:15 AM
Correct. Double prompted currently. We are migrating all MS/O365/Azure related SSO from Okta to Azure AD this year because of this and other SSO abnormalities in Intune, Outlook, etc. Having Okta in the middle without reason isn't making sense for us for anything MS related.
Jan 29 2018 03:37 AM
Jan 29 2018 05:18 AM