Does not work with Azure Conditional Access

%3CLINGO-SUB%20id%3D%22lingo-sub-482206%22%20slang%3D%22en-US%22%3EDoes%20not%20work%20with%20Azure%20Conditional%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-482206%22%20slang%3D%22en-US%22%3E%3CP%3EWhen%20using%20Edge%20Dev%20Beta%20in%20a%20work%20environment%2C%20if%20a%20computer%20is%20Azure%20AD%20Joined%20and%20has%20Conditional%20Access%20policies%20in%20place%2C%20Edge%20Dev%20Beta%20does%20not%20seem%20to%20register%20with%20the%20CA%20system%20and%20results%20in%20a%20%22not%20compliant%20Browser%22%20within%20the%20CA%20system.%3C%2FP%3E%3CP%3EConditional%20Access%20Documentation%3C%2FP%3E%3CP%3E(%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconditional-access%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fconditional-access%2F%3C%2FA%3E)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20sure%20this%20is%20related%20to%20the%20fact%20that%20it's%20in%20Dev%20Beta%20but%20i%20wanted%20to%20point%20it%20out%20early%20on%20in%20the%20development%20lifecycle.%20Just%20be%20sure%20at%20time%20of%20release%20this%20is%20working.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-714283%22%20slang%3D%22en-US%22%3ERe%3A%20Does%20not%20work%20with%20Azure%20Conditional%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-714283%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F69111%22%20target%3D%22_blank%22%3E%40Phillip%20Frabott%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EThese%20Earlier%20builds%20might%20not%20support%20some%20of%20the%20more%20locked%20down%20environments.%20I%20will%20pass%20your%20concerns%20to%20the%20product%20team.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%3EGabriel%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-742710%22%20slang%3D%22en-US%22%3ERe%3A%20Does%20not%20work%20with%20Azure%20Conditional%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-742710%22%20slang%3D%22en-US%22%3E%3CP%3EI%20too%20have%20this%20issue.%26nbsp%3B%20We%20just%20started%20enabling%20conditional%20access%20for%20managed%20devices%20and%20laptops.%26nbsp%3B%20It%20works%20great%20in%20Chrome%20with%20the%20Chrome%20extension%20%22Windows%207%20Accounts%22.%26nbsp%3B%20So%20I%20added%20the%20extension%20to%20Edge.%26nbsp%3B%20It%20logs%20me%20in%20without%20prompts%20but%20still%20prevents%20me%20from%20actions%20based%20on%20the%20CA%20rules.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-830533%22%20slang%3D%22en-US%22%3ERe%3A%20Does%20not%20work%20with%20Azure%20Conditional%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-830533%22%20slang%3D%22en-US%22%3EHave%20you%20all%20tried%20creating%20a%20Profile%20with%20AAD%20account%20and%20tried%20Conditional%20Access%20on%20Edge%20Dev%20Beta%20%3F%20Also%20which%20Windows%2010%20builds%20are%20you%20trying%20conditional%20access%20%3F%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-831231%22%20slang%3D%22en-US%22%3ERe%3A%20Does%20not%20work%20with%20Azure%20Conditional%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-831231%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F398823%22%20target%3D%22_blank%22%3E%40Arunesh%3C%2FA%3EPlease%20clarify%3F%26nbsp%3B%20Are%20you%20saying%20you%20have%20it%20working%20and%20are%20trying%20to%20help%20us%20troubleshoot%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI'm%20on%20Windows%20build%2018362%20and%20Edge%20Dev%20build%2078.0.249.1%3C%2FP%3E%3CP%3EI'm%20in%20a%20special%20pilot%20group%20testing%20Conditional%20Accessing%20that%20includes%20the%20rules%20for%20managed%20devices%2C%20so%20I'm%20guessing%20it's%20a%20CA%20profile.%26nbsp%3B%20I%20don't%20admin%20the%20CA's%20but%20just%20work%20with%20the%20team%20that%20does.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERemove%20me%20from%20the%20group%20testing%20CA%2BManaged%20Devices%2C%20New%20Edge%20works.%26nbsp%3B%20Put%20me%20back%20in%20it%2C%20and%20I%20get%20authentication%20to%20pass%20through%2C%20but%20I%20get%20the%20OneDrive%20and%20SharePoint%20warnings%20there%20is%20no%20download%2Fprint%20options%20when%20I'm%20on%20certain%20screens%20that%20use%20it.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-849902%22%20slang%3D%22en-US%22%3ERe%3A%20Does%20not%20work%20with%20Azure%20Conditional%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-849902%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F351648%22%20target%3D%22_blank%22%3E%40PeteFromDenver%3C%2FA%3E%26nbsp%3BYes...the%20NEW%20Edge%20supports%20Conditional%20Access.%20You'll%20need%20to%20add%20your%20corporate%20Azure%20Active%20Directory%20(AAD)%20account%20to%20the%20Edge%20local%20profile%20by%20going%20into%20Edge%20settings%20for%20it%20to%20work.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1006812%22%20slang%3D%22en-US%22%3ERe%3A%20Does%20not%20work%20with%20Azure%20Conditional%20Access%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1006812%22%20slang%3D%22en-US%22%3EThanks%2C%20I'll%20test%20this%20week.%3C%2FLINGO-BODY%3E
Highlighted
Contributor

When using Edge Dev Beta in a work environment, if a computer is Azure AD Joined and has Conditional Access policies in place, Edge Dev Beta does not seem to register with the CA system and results in a "not compliant Browser" within the CA system.

Conditional Access Documentation

(https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/)

 

I'm sure this is related to the fact that it's in Dev Beta but i wanted to point it out early on in the development lifecycle. Just be sure at time of release this is working.

6 Replies
Highlighted

@Phillip Frabott 

 

These Earlier builds might not support some of the more locked down environments. I will pass your concerns to the product team.

 

Gabriel

Highlighted

I too have this issue.  We just started enabling conditional access for managed devices and laptops.  It works great in Chrome with the Chrome extension "Windows 7 Accounts".  So I added the extension to Edge.  It logs me in without prompts but still prevents me from actions based on the CA rules.

Highlighted
Have you all tried creating a Profile with AAD account and tried Conditional Access on Edge Dev Beta ? Also which Windows 10 builds are you trying conditional access ?
Highlighted

@AruneshPlease clarify?  Are you saying you have it working and are trying to help us troubleshoot?

 

I'm on Windows build 18362 and Edge Dev build 78.0.249.1

I'm in a special pilot group testing Conditional Accessing that includes the rules for managed devices, so I'm guessing it's a CA profile.  I don't admin the CA's but just work with the team that does.

 

Remove me from the group testing CA+Managed Devices, New Edge works.  Put me back in it, and I get authentication to pass through, but I get the OneDrive and SharePoint warnings there is no download/print options when I'm on certain screens that use it.

Highlighted

@PeteFromDenver Yes...the NEW Edge supports Conditional Access. You'll need to add your corporate Azure Active Directory (AAD) account to the Edge local profile by going into Edge settings for it to work.

Highlighted
Thanks, I'll test this week.