Jul 07
Azure – Do not configure Enhanced Protected Mode by GPO to get Azure AD Seamless SSO to work

A colleague of mine shared his experience while trying to make Azure AD Seamless SSO to work.

As reminder Azure AD Seamless SSO is still under preview; Azure Active Directory Seamless Single Sign On (Azure AD Seamless SSO) provides single sign-on for users signing in on their corporate desktops connected to the corporate network. When enabled, users won't need to type in their passwords to sign into Azure AD.

He discovered that a GPO settings is causing trouble with Azure AD Seamless SSO: Enhanced Protected Mode

If you configured to enable it, Seamless SSO is not working.

You need to set the value to Not Configured.

This settings can be found under Computer Configuration\Computer Policy\Administrative Templates\Windows Components\Internet Explorer\Internet Control Panel\Advanced Page and is called Turn on Enhanced Protected Mode

image 

​Privacy Information

This blog is using tracking code for analytics purpose.

No personal data are stored and maintained.

 Copyright

 Follow Me On

 Share This

 Translation Tool

Translate this page