Account Creation with GCC HIGH involvement (esp. "Other User" situation)

%3CLINGO-SUB%20id%3D%22lingo-sub-2721641%22%20slang%3D%22en-US%22%3EAccount%20Creation%20with%20GCC%20HIGH%20involvement%20(esp.%20%22Other%20User%22%20situation)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2721641%22%20slang%3D%22en-US%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3EWhen%20deploying%20the%20HoloLens%202%20into%20an%20enterprise%20where%20the%20Azure%20environment%20is%20GCC%20High%2C%20clearly%20the%20biggest%20pain%20point%20has%20been%20%22Account%20Creation%22%20-%20both%20%22device%20owner%22%20(initial%20account)%20as%20well%20as%20the%20additional%20accounts%20created%20on%20the%20device%20(known%20as%20%22Other%20User%22)%20accounts.%26nbsp%3B%3C%2FP%3E%3CP%3EIt%20seems%20that%20win10%20Holographic%26nbsp%3B%3CSPAN%3E19041.1146%20is%20the%20ONLY%20OS%20version%20where%20we%20can%20apply%20this%20OS%20and%20then%20be%20able%20to%20create%20BOTH%20the%20%22device%20owner%22%20and%20%22other%20user%22%20accounts.%20(our%20integration%20to%20internal%20authentication%20is%20such%20that%20the%20Hololens%20experience%20includes%20an%20initial%20attempt%20at%20kerberos%20login%20that%20then%20fails%20(as%20we%20dont%20use%20kerberos)%20and%20then%20redirects%20to%20form%20based%20auth%2C%20as%20desired).%26nbsp%3B%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnother%20thing...with%20HoloLens%20on%20GCC%20High%2C%20the%20account%20creation%20process%20sometimes%20offers%20%22sign%20in%20from%20another%20device%22%20option%2C%20which%20is%20nice...however...when%20triggering%20that%20option%2C%20the%20code%20is%20provided%20as%20desired%20but%20the%20URL%20provided%20is%20supposed%20to%20be%26nbsp%3B%3CSTRONG%3E%3CA%20href%3D%22https%3A%2F%2Fmicrosoft.com%2Fdeviceloginus%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fmicrosoft.com%2Fdeviceloginus%3C%2FA%3E%26nbsp%3B%3C%2FSTRONG%3Ebut%20the%20actual%20URL%20provided%20to%20us%20ends%20in%20%2Fdevicelogin%20-%20note%20the%20missing%20%22us%22%2C%20which%20means%20that%20the%20HoloLens%20and%5Cor%20azure%20is%20not%20realizing%20that%20we%20are%20trying%20to%20access%20GCC%20HIGH%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Eis%20anyone%20else%20having%20these%20kinds%20of%20problems%3F%20we%20are%20finding%20over%20an%20over%20again%20that%20when%20we%20try%20a%20newly%20released%20win10%20Holographic%20OS%20with%20desirable%20new%20features%20and%20bug%20fixes...we%20can't%20use%20it%2C%20because%20it%20won't%20properly%20support%20the%20account%20creation%20process%20on%20GCC%20HIGH.%26nbsp%3B%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hello,

When deploying the HoloLens 2 into an enterprise where the Azure environment is GCC High, clearly the biggest pain point has been "Account Creation" - both "device owner" (initial account) as well as the additional accounts created on the device (known as "Other User") accounts. 

It seems that win10 Holographic 19041.1146 is the ONLY OS version where we can apply this OS and then be able to create BOTH the "device owner" and "other user" accounts. (our integration to internal authentication is such that the Hololens experience includes an initial attempt at kerberos login that then fails (as we dont use kerberos) and then redirects to form based auth, as desired). 

 

Another thing...with HoloLens on GCC High, the account creation process sometimes offers "sign in from another device" option, which is nice...however...when triggering that option, the code is provided as desired but the URL provided is supposed to be https://microsoft.com/deviceloginus but the actual URL provided to us ends in /devicelogin - note the missing "us", which means that the HoloLens and\or azure is not realizing that we are trying to access GCC HIGH?

 

is anyone else having these kinds of problems? we are finding over an over again that when we try a newly released win10 Holographic OS with desirable new features and bug fixes...we can't use it, because it won't properly support the account creation process on GCC HIGH. 

0 Replies