cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Updates to auto sign in with on-prem Active Directory accounts

Avi Vaid
Microsoft

‎Feb 20 2020 11:38 AM

‎Feb 20 2020 11:38 AM

Updates to auto sign in with on-prem Active Directory accounts

We've heard your feedback and are committed to making your identity experience great. In Edge Beta 81.0.416.11 and version 82.0.427.0 onwards, On-prem Active Directory account auto sign in (sign in with accounts of the type DOMAIN\username) will only be targeted to organizations that enable it. 

 

If an organization does not turn this feature on, users will only be auto signed in with the primary account on their operating system if it is an MSA or an AAD account. If there is no primary account or the primary account is an on-prem Active Directory account, users will not be signed into Microsoft Edge. Users that were auto signed in with their on-prem Active Directory accounts in a previous release will be able to sign out of it when they upgrade to newer versions of Microsoft Edge.

 

If you are an admin and you would like your users to be auto signed in with their on-prem Active Directory accounts, you can use the ConfigureOnPremisesAccountAutoSignIn (https://docs.microsoft.com/en-US/DeployEdge/microsoft-edge-policies#configureonpremisesaccountautosi...) policy to enable this. If you'd like to have your users auto signed in with their AAD accounts instead, please hybrid join your environment (https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-federated-domain...).

 

We hope that this helps make your Identity experience in Microsoft Edge better. Let us know if there is anything we could do to make this experience better. Thanks!

11.7K Views
6 Likes
5 Replies
Reply
5 Replies
sheffieldc

‎Mar 27 2020 04:26 AM

‎Mar 27 2020 04:26 AM

Re: Updates to auto sign in with on-prem Active Directory accounts

@Avi Vaid

 

Hi Avi

 

Are you able to clarify a couple of points for me?

 

We have on-premise AD, Azure AD Connect syncing users to Office 365, with all services cloud-hosted. I thought I might be able to get automatic sign-in to each user's Office 365 identity in the same way Office apps do but from reading your post it sounds like this isn't possible (yet?)

 

1. (I hope this doesn't sound facetious.) What is the benefit of having the user sign into Edge with the on-premise AD account, if not to sync with the associated AzureAD/Office365 identity? Does it just improve authentication with on-premise services?

 

2. If we hybrid-join our domain PCs, will users that login in the standard way (DOMAIN\Username) then be signed in with their AzureAD/Office365 identity automatically? Or do they then need to start logging in using their e-mail address or similar?

 

Cheers!
Chris

1 Like
Reply
Avi Vaid

‎Mar 30 2020 03:53 PM

‎Mar 30 2020 03:53 PM

Re: Updates to auto sign in with on-prem Active Directory accounts

@sheffieldc Chris, great questions. As of now we don't have a way to get auto sign in with the O365 account without hybrid joining. Some thoughts on your questions below:

  1. The benefits are having a specified work profile, this helps with windows information protection features. It will also come into play in the future when we enable on-premise sync and if we create preferred SSO with the signed in account
  2. Yes. If you hybrid join your domain PC, users can log into windows as DOMAIN\Username and then be signed into Edge with their AAD (O365) accounts automatically.
1 Like
Reply
sheffieldc

‎Mar 31 2020 12:36 AM

‎Mar 31 2020 12:36 AM

Re: Updates to auto sign in with on-prem Active Directory accounts

@Avi Vaid

 

That's great, thanks Avi! 

1 Like
Reply
TCadm444

‎Feb 22 2021 02:04 PM

‎Feb 22 2021 02:04 PM

Re: Updates to auto sign in with on-prem Active Directory accounts

@sheffieldc Hi Sheffieldc! Forgive me for resurrecting this old thread, but did you ever find a way to have users automatically sign into their Azure AD accounts, in edge, while their PC is on-premise domain joined?

 

Thanks very much!

 

0 Likes
Reply
sheffieldc

‎Feb 23 2021 01:15 AM

‎Feb 23 2021 01:15 AM

Re: Updates to auto sign in with on-prem Active Directory accounts

@TCadm444 

 

Hello! Not with purely on-premise AD - we are now using hybrid join, which signs our users into Edge seamlessly. While your mileage may vary, for us enabling hybrid join had no real tangible impact beyond enabling Edge auto sign-in, so subject to your own impact assessment I would recommend enabling hybrid join.

0 Likes
Reply