User Profile
Aluca12
Copper Contributor
Joined 7 years ago
User Widgets
Recent Discussions
AAD Connect sync local mail attribut as cloud UPN
Hi Everyone, during installation of Azure AD Connect and synching on-premise user accounts into my cloud tenant and matching these with already existing cloud only accounts, I run into the problem that the on-premise UPN(custom built from name and surname) is set as cloud UPN and not the proxy/mailaddress of my testaccounts. I simply want that AAD Connect sets the mail or proxyaddress(SMTP:...) attribut as UPN for the matched cloud accounts, which already have their mail address as UPN but after synchronization these correct UPNs are gone. The cloud domain is set up as upn suffix on-premise and the domain is verified in the tenant. Is there any configuration I can change or adjust e.g. in the rules editor of AAD Connect or somewhere else which solves my problem? I know that I can set the UPN via powershell to the correct one after sync but this can't be the best way to do it. Thanks in advance! Julian27KViews0likes7CommentsM365 E3 assigned to gbl Admin but no access to Azure computing
Hi, I don't know what I'm doing wrong but I'm trying to use the Azure AD Premium Plan 1 from the Microsoft 365 E3 license assigned to the global admin account for testing with azure cloud computing but I get the message that there is no Azure subscription available. I checked in the Abonnements menu and there is also nothing visible, also changing the directory isn't working. Do I need to activate the AAD P1 license or something else that I can use it finally? Thanks and RegardsSolved1.8KViews0likes4CommentsRe: Calendar button missing - On Prem 2016 Exchange
Hey, I have the same problem/question and I'm new to exchange and O365 authentication methods. Can you tell how I can check if OAuth is functioning after configuring Azure AD Sync and if not, what need I to do to get OAuth working? Kind Regards62KViews0likes0CommentsRe: AAD Connect sync local mail attribut as cloud UPN
Hi, after several days of testings with different configurations I get this to work with configuring mail as UserPrincipalName in the AD connect wizard and manually creating the Immutableid of our AD users and adding this ID to their corresponding cloud accounts. After this procedure our AD users are hard matched to their cloud identities with their mail as primary mail and cloud UPN :) This issue should be solved now. Kind Regards Julian26KViews0likes1CommentRe: AAD Connect sync local mail attribut as cloud UPN
Thanks for the link, I added a new inbound rule which sets the UPN to mail(the mail attribut in AD is set to the primarySMTP address similar to the cloud accounts) but another issue occured. Now test users are syncing fine and with the wanted UPN to the cloud tenant but login isn't working anymore to any cloud ressource. After investigation I found out that now the cloud UPN is used for authentication via password passthrough on the on-premise AD. This works as expected of course but the on-premise AD doesn't recognize the mail UPN as viable user login. I'm not sure what I need to do that the cloud UPN is transformed back to the AD UPN while login data checking(if this is possible anyways, I'm not really sure how the login data is processed step for step in the AAD Connect agent) or if I need to set the mail attribut as UPN during AAD Connect installation? I tried this before but I got errors saying duplicate attributes were populated and so users were not synced.26KViews0likes3CommentsRe: AAD Connect sync local mail attribut as cloud UPN
VasilMichev Hi Vasil, well, it's a problem because it's annoying to work around atm. If there is a easy way to accomplish my goal without much effort, then I'll be happy but currently I haven't found anything useful. As I'm not familiar with these rules I haven't touched them yet. If I understand you correctly I just need to change in your string the "userPrincipalName" to "mail" at the correct place?26KViews0likes5CommentsRe: Work profile cannot be created on Galaxy Tab S4
Ok, after a few tests it seems you are right. I was sure I saw a video with a fully-managed and work profile on it and the docu also states that enterprise devices can have added work profiles. I need to test with dedicated devices again as it didn't work there too but that has no priority atm. Thanks for all your help ;) Have a nice day!4.6KViews0likes1CommentRe: Work profile cannot be created on Galaxy Tab S4
Hi, I checked my tenant again but I still can't get it working. My test user has M365 Business and EMS E5 licenses added, managed Google Play is setup, the intune portal app is approved in Google Play and I configured the device registration restrictions to Android=blocked, Android Work Profile=Allowed but still I get the same errors during enrollment via app: "Work Profile can not be added. Work profile can not be added to this device. Please contact your Administrator." and "Device could not be added. To manage your device, you need to approve all system permissions". To clarify my procedure, I enroll my tablet with the fully managed QR-Code token and as soon as the intune portal app is installed, I try enrolling it with the work profile where the error messages mentioned appear. I enabled the developer options on my device and could find 2 suspicious entries in the log file: ... com.google.android.apps.work.clouddpc/.receivers.CloudDeviceAdminReceiver: .. userRestrictions: no_add_managed_profile defaultEnabledRestrictionsAlreadySet={no_add_managed_profile} .. It seems that either the user itself has no permissions for creating a work profile or the device was given a false setting. May I ask which enrollment path you use for your devices Alexander Vanyurikhin ? Kind Regards Julian4.6KViews0likes3CommentsRe: Work profile cannot be created on Galaxy Tab S4
Hey Andrew, thanks for your help, I could enroll with this demo and a work profile was successfully created without any errors. It's good to know but I'm very curious why it isn't working when enroll with the intune portal app. Besides the option under device enrollment restrictions I can't see any other switch or button which seems related to work profile settings. Do you have anything in mind? I will also try this bugreport in the next days. Tahnks and have a nice sunday. Julian4.7KViews0likes1CommentWork profile cannot be created on Galaxy Tab S4
Hi, I'm testing with Intune for several days with a Samsung Galaxy Tab S4 but I can't get my tablet to create a work profile. When I installed the Intune portal app and started registrating my device, it stopps with the error message: "Device cannot be added. Pls accept all system permission requirements" but there aren't any windows poping up to agree the samsung terms and so on. My tablet is in the list of google enterprise devices, running on android 8.1.0 and I couldn't find any info that work profiles are not supported on this device. I activated the device enrollment restriction for Android work profiles. Is this a bug or is my device simply not supported for work profiles? Thanks and Regards AluSolved4.8KViews0likes8Comments
Recent Blog Articles
No content to show