The simplest way to do this is to enable Password (cloud deployment) so that our users are able to authenticate with their Active Directory credentials using the Identity Manager Connector we installed and configured. What's great about this method is that it is outbound only, meaning a user authentication request never comes inbound, so no inbound firewall rules are required.
Let's look at how to configure this authentication method and set up our default access policy to use it.
We need to go to our Workspace ONE Access Tenant admin portal.
Go to Identity & Access Management, Manage, and then Identity Providers.
We now need to select the Built-in Identity Provider.
Select your internal directory/domain.
Select the ALL RANGES Network.
Select your Connector from the dropdown list.
Then associate this authentication method with the Connector and press Save!
Now we need to update our Access Policies to use this authentication method.
Select 'Policies' and EDIT DEFAULT POLICY.
Inside your policy, there should be two entries by default. Click on the ALL RANGES option for each device type that is listed.
We can now have users authenticate with their Active Directory credentials.
To see this end to end, below is a video.
Next up, we need to configure device enrollment.