Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
In order to have Workplace Join working, double-check the following:
- Outside of your company network (aka “the internet”)
Ping “enterpriseregistration.yourpublicdomain.com”, it should resolve to the IP of your Web Application Proxy.- If case no IP is resolved, edit your public domains DNS zone and add a CNAME “enterpriseregistration” pointing to your Web Application Proxy servername.
- RDP into your Web Application Proxy and ping “enterpriseregistration.yourpublicdomain.com”
- If ping fails, edit your hosts file.
- RDP into your Web Application Proxy, open a browser and enter:
https://enterpriseregistration.EXTERNALDOMAIN.com/EnrollmentServer/contract?api-version=1.0
You should get a response:
From an external non-domain joined client:
- Import the root CA certificate in case you are using self-signed certificates on the ADFS server
- Open a browser and navigate to
https://enterpriseregistration.EXTERNALDOMAIN.com/EnrollmentServer/contract?api-version=1.0
- In case you get a response, Workplace Join should work.
- In case it doesn’t: RDP to your Web Application Proxy and add a Published Web Application like shown in the screenshot below
Consider leaving a reply in case this post helped you. Thanks!
Comments
- Anonymous
July 31, 2015
I have been reviewing the capabilities of NDES and the integration of BYOD. The question I have is, would it be possible to have direct access and/or work place join for MAC devices without using a MDM? I was hoping for a Office 365 or Azure AD Premium solution leveraging ADFS. I also want to mention what when I explore the Office 365 capabilities it always refers to a token, can we place a certificate on the systems to allow on premises access via a VPN or a direct access solution?