Apr 21 2020 02:54 AM
We are running a terminal server farm based on Server 2019 with Edge version 81. We have an ADFS infrastructure with Azure AD. We want to automate the login process and synchronisation of the favorites for our users.
We are having problems with the following points:
Thank you for your help
Apr 22 2020 12:44 AM
I'll use your points to answer:
You can set this in the user object in your on-prem AD, on the Account tab: right beside the account name you can enter @domain.topdomain
1) You can't change the dialog box, but you can force by GPO setting that the user can only log on with @domain.topdomain
2) I don't know.
Apr 22 2020 12:59 AM
Thanks for your reply, we have already set the UPN logon name in the on-prem AD to the correct domain.
May 06 2020 10:47 PM
We have stopped investigating this issue; we have written an instruction for our users on how to configure the synchronisation in Edge.
We are very disappointed about this solution and how Microsoft is "improving" simple solutions like the IE favorites.
May 06 2020 10:50 PM
You have to modify the user agent string configuration on on-prem ADFS as described here: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-security-identity#windows-integrated-auth...
To support WIA-based SSO on Microsoft Edge (version 77 and later), you might also have to do some server-side configuration. You will probably have to configure the ADFS property WiaSupportedUserAgents to add support for the new Microsoft Edge user agent string.
After that modification it worked in our environment.
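The following is an added example, not part of the reply above or of Microsoft's documentation: one way to inspect and extend the `WiaSupportedUserAgents` property with the standard `Get-AdfsProperties` / `Set-AdfsProperties` cmdlets. The value `Edg/` (the product token in the Chromium-based Edge user agent string) and the backup file name are assumptions; take the exact string to add from the linked article.

```powershell
# Added example. Run on the primary AD FS server in an elevated PowerShell session.
Import-Module ADFS

# Assumption: "Edg/" is the token that identifies Chromium-based Edge in the
# User-Agent header. Replace it with the value the linked article recommends.
$edgeToken = 'Edg/'

# Read the user agents for which AD FS currently offers Windows Integrated Auth.
$current = @((Get-AdfsProperties).WIASupportedUserAgents)
Write-Output 'Current WIASupportedUserAgents:'
$current

if ($current -contains $edgeToken) {
    # -contains is case-insensitive, so an existing entry is not duplicated.
    Write-Output "'$edgeToken' is already listed; nothing to change."
}
else {
    # Keep a copy of the old list so the change can be rolled back.
    # The file name below is a hypothetical choice for this example.
    $stamp  = Get-Date -Format 'yyyyMMdd-HHmmss'
    $backup = Join-Path $env:TEMP "WiaSupportedUserAgents-$stamp.txt"
    $current | Set-Content -Path $backup
    Write-Output "Previous list saved to $backup"

    # Append rather than overwrite: Set-AdfsProperties replaces the whole list,
    # so passing only the new token would drop WIA for every other browser.
    Set-AdfsProperties -WIASupportedUserAgents ($current + $edgeToken)
}

# Confirm what the farm now holds.
Write-Output 'WIASupportedUserAgents after the change:'
(Get-AdfsProperties).WIASupportedUserAgents

# Rollback, if needed:
#   Set-AdfsProperties -WIASupportedUserAgents (Get-Content $backup)
```

Keep the added entry as specific as the browser allows: a client whose user agent matches the list but cannot complete WIA will get a credential prompt from AD FS instead of the forms sign-in page.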
May 07 2020 04:04 AM
I don't think this is the same thing that @Moelli and I are looking for. We want, at least in my case, that when our users run MS Edge Chromium, it automatically logs in to their Azure AD account instead of their DOMAIN\UserName - this allows users to sync favorites. That's basically what I'm after for my users.
Dec 03 2020 09:31 AM
@Moelli Have you figured this out? I am having the same issue.
Here is my situation.
We have VDIs that we want users to log in to using their <username>@<companyname>.com, but the way I have the GPO set up, it always forces them to either log in to Edge as <domain>\<ADname> or type it themselves (which we want to be automated).
Our VDI pool deletes itself after they log off or shut down (non-persistent), so this is why we want it automated.
On our current Windows 10 PCs, people log in using the <username>@<companyname>.com method, and they can't sync their user data once they move to a virtual desktop when it is logging them in as <domain>\<ADname>.
Is there a GPO I am not finding?