One Big Step for Apple SSO and One Giant Leap for Platform SSO
Ғылым және технология
In this video I walk you through the setup for Microsoft Platform SSO (PSSO). I also look at the context around Platform SSO in relation to other Microsoft SSO capabilities and the Apple SSO framework.
Ill show you how to:
1- Configure a Settings Catalog Policy within Intune
2 - Enrol a Virtual Apple Mac device run in Parallels and using the Company portal
3 - Install Platform SSO with a Password policy
4 - Demonstrate the synchronised device login experience and using PSSO to access Office 365 Apps
00:00 Introduction
00:45 Discussing the context for Platform SSO alongside the SSO framework
07:55 Configuring the settings catalog Platform SSO policy (for password authentication)
15:30. Enrolling a virtual mac device into Intune
18:37. Registration with Platform SSO on the mac device
22:08. Demonstrate the new login process using Platform SSO
22:46. Demonstrate the login experience to Office 365 Apps
24:30 Summary and finish
Your reference points for this video include:
1 - Microsoft - learn.microsoft.com/en-us/ent...
2- Somesh Pathak - www.intuneirl.com/implementin...
Andy Jones is a Microsoft Technical Architect at BT and Organiser at CloudManagement.Community. He's on Twitter @Andy_69Jones. Any views or opinions expressed here are his own.
Пікірлер: 8
Does a user have to go through all those steps? Or can this all be silently configured? Second, is the process you showed the same if the device would be enrolled via ABM/DEP?
@theCMC
2 ай бұрын
Hi, there are a number of steps yes to register with Platform SSO and the actual number depends on the authentication method (Secure enclave, Password or smart card) you choose. My video has extra steps with enrolling the device using the company portal. These aren't needed naturally just for Platform SSO. There isn't a way to do all this silently at the moment and even with ADE and the first login experience you still need to register with Platform SSO. Have a look at the reference in the video description: learn.microsoft.com/en-us/entra/identity/devices/device-join-macos-platform-single-sign-on?tabs=password. On this website scroll down and choose the tab for the auth method you want and it shows you the experience. Hope this helps.
@the_fatshark
2 ай бұрын
@@theCMC Thanks for the video, your reply and your explanation! Hope it will be more ‘silent’ when it gets GA, because explaining all this to users… Well you get my point :)
Please upload more videos to understand how to manage ISO and mac devices effectively from intune
@theCMC
Ай бұрын
Dinesh have you seen my other videos in the playlist ? Is there anything specific you are looking for ?
Is it possible for a user to BYOD and have a local personal account along with a work local account? Keeping all data separate?
@theCMC
Ай бұрын
Marcus, with user enrolment after authentication and enrolment to Intune a managed Apple ID account is added to the device for accessing configured Apple services and apps. This can coexist with your local account so access to personal data still exists and is separate yes. Have a look here support.apple.com/en-gb/guide/deployment/dep23db2037d/web