AuthPoint Cause Issues with Azure Domain Join?

It appears that we get the following error when we try to Add Machine to Azure Domain:

This doesn't look like a work or school email address. Use another email address or select 'Back' to setup Windows with your Microsoft Account

Our Azure AD Joined machines also are unable to sync passwords..... note that this was all working before with DUO and that we have a hybrid environment and AuthPoint works on portal.office.com.....

I opened a ticket with WG Support and Microsoft Support but no cigar....

We are beginning the process of going as serverless as possible and we were on a roll with Microsoft Azure AD Joining but it appears AuthPoint is throwing us in for a loop...

Azure AD Joining does work on a test global admin with X.onmicrosoft.com at the end which is what tells me that this is an issue with the AuthPoint federation piece of things.

Comments

  • Hi

    Did you sort this?

    Is this with the windows logon app, or m365 authpoint?

  • mboscolo Moderator, WatchGuard Representative

    Can you confirm if the issue which you are encountering is outlined in this Knowledge Base article.

    https://techsearch.watchguard.com/KB/WGKnowledgeBase?lang=en_US&SFDCID=kA10H000000g6BaSAI&type=Article

  • edited February 2021

    @Mark_Boscolo said:
    Can you confirm if the issue which you are encountering is outlined in this Knowledge Base article.

    https://techsearch.watchguard.com/KB/WGKnowledgeBase?lang=en_US&SFDCID=kA10H000000g6BaSAI&type=Article

    I can tell you for a fact that is not the issue we are running into.

    This is something that should work in a Hybrid Azure environment (which ours is). This has to do with the fact that AuthPoint needs to allow these protocols: WS-Trust and WS-Fed

    Here is the exact quote from Microsoft support when I asked them if the AuthPoint setup should work (which they said it should as long as the protocols are allowed):

    "Thank you for your email. In order to move forward with troubleshooting, please verify that your environment meets the requirements in the article below. Previous emails indicated that WatchGuard was to verify that they are using WS-Trust and WS-Fed.

    https://docs.microsoft.com/en-us/azure/active-directory/devices/azureadjoin-plan"

  • I currently am working this ticket with our Technical Rep at WG (as we are a Platinum Partner) to see if this is something WG Engineering can fix/provide support for as it is something that is supposed to work..

  • mboscolo Moderator, WatchGuard Representative

    Thanks,

    The developers are currently checking into this, thanks for responding and confirming.

    Mark

  • @Mark_Boscolo said:
    Thanks,

    The developers are currently checking into this, thanks for responding and confirming.

    Mark

    Is there a status on this?

  • Hi,
    Same here, AuthPoint fully functional outside this message.
    Any update for a solution?

  • @mboscolo said:
    Thanks,

    The developers are currently checking into this, thanks for responding and confirming.

    Mark

    Is there a status on this?

  • james.carson Moderator, WatchGuard Representative

    @Tristan.Colo I would suggest checking the ticket you made, as that will have the bug/feature request attached to it. I'm not sure what one is being referenced as the ID# isn't mentioned anywhere in this thread.

    -James Carson
    WatchGuard Customer Support

  • edited April 2023

    @james.carson said:
    @Tristan.Colo I would suggest checking the ticket you made, as that will have the bug/feature request attached to it. I'm not sure what one is being referenced as the ID# isn't mentioned anywhere in this thread.

    The original ticket I made was years ago when I worked at a different company so I unfortunately do not have the reference. I am sorry.

  • james.carson Moderator, WatchGuard Representative
    edited April 2023

    @Tristan.Colo

    --incorrect info removed--

    This was marked as closed due to a technical issue, and won't be implemented. The team that worked on the issue is working on preparing a statement related to that issue.

    -James Carson
    WatchGuard Customer Support

  • edited April 2023

    Unfortunately there is no reference to AAAS-14301 or for the protocol names in the Known Issues database or the Release Notes, so there is no way to have known that this was resolved even if one knew the Tracking ID.

  • james.carson Moderator, WatchGuard Representative

    @Bruce_Briggs
    Most bugs and feature requests are updated via support cases. Customers can track these issues by creating a support case and receiving updates in the ticketing system.

    -James Carson
    WatchGuard Customer Support
