AIP Client Authentication Prompt


Hey guys,

 

We just installed the Azure Information Protection Client in our environment. We are using on-premises AD with PTA and seamless SSO. Everything is working great except the one-time authentication prompt to AIP when starting an Office app. We just have to supply the username and the rest is working automatically.

 


 

I have read through the documentation but could not find a hint.

All other services such as portal.office.com are working without any prompts, so seamless SSO is clearly not the problem.

 

Thank you very much for your help!

8 Replies

@Reto Gobat 

 

Are the AIP IP addresses being allowed through your firewall?

 

The Azure Information Protection service also depends on two specific IP addresses:

  • 13.107.6.181
  • 13.107.9.181

 

As per - https://docs.microsoft.com/en-us/azure/information-protection/requirements

 

Seamless SSO is client-dependent; not every application supports it. Some apps deliberately provide you with a prompt, to address scenarios where you might be using more than one id/tenant.

 

That said, I'm not sure whether this is "expected" with the AIP client, might be a good UserVoice suggestion if not :)

@PeterRising 

Thanks for the tip. Yeah, these IP addresses are allowed.

 

@Vasil Michev 

Thanks, any idea where to check if it is an "expected" behavior :)?

@Reto Gobat 

 

Just to clarify, does this happen every time you open an Office client app such as Word or Excel?  If so, then I don't believe this is expected behaviour.

No, it is just happening the first time for every user.

@Reto Gobat 

 

Ah, that would be expected the first time in my opinion. 

@Reto Gobat Few tips on this:

 

- Is the Information Protection app triggered in any Conditional Access rule? Take a look at that.

- Try adding *.Protection.Outlook.com to your list of trusted sites (or intranet zone).

@JanBakkerOrphaned 

Thank you for your reply.

 

- No, AIP is not part of any Conditional Access Policies

- Unfortunately adding *.protection.outlook.com does not help