Preparing Azure AD for automatic device registration
Set up a connection to Azure AD, configure the registration CNAME, and enable Azure DRS for automatic device registration.
Before you begin
- Install PingFederate server version 8.4 or later.
- Run an Office 365 federated domain with appropriate subscriptions.
- Run a functional WS-Federation/WS-Trust connection to Office 365 configured on the PingFederate server.
- Ensure that the username and Kerberos Token Processors are functional and in use for authenticating Office 365 users.
- Install Azure AD Connect and have it running for Active Directory synchronization with Azure AD.
- Ensure that you are running the latest version of Azure AD Connect. For more information, see Azure AD Connect.
Steps
- Set up a service connection point using one of the following methods:
  - To configure manually, see Configure hybrid Azure AD joined devices manually in the Microsoft product documentation.
  - To configure using the wizard, see Configure hybrid Azure Active Directory join for federated domains in the Microsoft product documentation.
- Configure the enterprise registration CNAME record on your DNS server. For more information, see Create DNS records for O365 using Windows-based DNS in the Microsoft product documentation.
- Enable Azure Device Registration Service (DRS).
  - Open the Microsoft Azure portal.
  - Go to Azure Active Directory → Devices → Device settings.
  - In the Users may join devices to Azure AD field, click All.
  - In the Users may register their devices with Azure AD field, click All. Click Save.
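A read-only check of the first two steps, run from a domain-joined Windows machine. This is an added example, not part of the PingFederate or Microsoft documentation. The `example.com` domain and the function names are placeholders, and the CNAME target and service connection point location are the values Microsoft documents for hybrid Azure AD join. It does not check the Device settings changed in the portal.

```powershell
# Added example: read-only checks. $Domain is a placeholder for your federated domain.
param([string]$Domain = 'example.com')

# Values Microsoft documents for hybrid Azure AD join.
$CnameTarget = 'enterpriseregistration.windows.net'
$ScpRdn = 'CN=62a0ff2e-97b9-4513-943f-0d221bd30080,CN=Device Registration Configuration,CN=Services'

function Test-RegistrationCname {
    param([string]$Domain, [string]$Expected)
    $name = "enterpriseregistration.$Domain"
    # Keep only the CNAME answer for the queried name; ignore SOA or A records in the response.
    $records = @(Resolve-DnsName -Name $name -Type CNAME -ErrorAction SilentlyContinue |
        Where-Object { $_.QueryType -eq 'CNAME' -and $_.Name -eq $name })
    if ($records.Count -eq 0) { return "FAIL: no CNAME record for $name" }
    $target = $records[0].NameHost.TrimEnd('.')
    if ($target -ne $Expected) { return "FAIL: $name points to $target, expected $Expected" }
    "OK: $name -> $target"
}

function Test-ServiceConnectionPoint {
    param([string]$ScpRdn)
    try {
        # The SCP lives in the forest's configuration partition.
        $configNc = "$(([ADSI]'LDAP://RootDSE').configurationNamingContext)"
        if (-not $configNc) { return 'FAIL: no configuration naming context (machine not domain-joined?)' }
        $path = "LDAP://$ScpRdn,$configNc"
        if (-not [System.DirectoryServices.DirectoryEntry]::Exists($path)) {
            return 'FAIL: service connection point not found in the configuration partition'
        }
        $keywords = @(([ADSI]$path).Keywords)
    } catch {
        return "FAIL: could not query Active Directory: $($_.Exception.Message)"
    }
    # Clients read the tenant from these two keyword entries.
    $tenantName = $keywords | Where-Object { $_ -like 'azureADName:*' }
    $tenantId   = $keywords | Where-Object { $_ -like 'azureADId:*' }
    if (-not $tenantName -or -not $tenantId) {
        return 'FAIL: SCP exists but lacks the azureADName or azureADId keyword'
    }
    "OK: SCP keywords: $tenantName, $tenantId"
}

Test-RegistrationCname -Domain $Domain -Expected $CnameTarget
Test-ServiceConnectionPoint -ScpRdn $ScpRdn
```

Confirm that the tenant shown in the SCP keywords is your own; devices follow the SCP to find the tenant they register with, so an unexpected value is worth investigating before rollout.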