ADFS 3 Device Registration SSL SAN required with Workplace Join

I came across an interesting issue when deploying Workplace Join as part of a migration to ADFS 3. ADFS had been tested as working correctly with the Device Registration service initialized and enabled, but I could not register Windows devices.

After running the lab (which used different different host names!) and checking many settings I decided to go back to the beginning (always a good place to start) and review the Device Registration requirements listed on TechNet. Surprise, I had missed something really obvious in my clients choice of a wildcard SSL certificate - something I normally dig my heels in over.

Solution: You must add enterpriseregistration. (i.e. enterpriseregistration.noak.es where dan@noak.es is the UPN) to the certificate used for Device Registration as a SAN for each UPN suffix in use.

Straight from the horse's mouth, "AD FS must be configured with a server SSL certificate that includes the well-known Device Registration server names" and this is followed by an example, "enterpriseregistration.".

Ah, that explains it, but then somewhat confusingly TechNet states:

"You can satisfy this requirement in two ways. You can use a wildcard certificate that covers all of the possible names used at your company or you can add the additional names as subject alternative names."


Important: The first way above is not true, at least for now, either that or the Device Registration service is not implemented as designed with all devices in mind.
Posted by Daniel Noakes at 4/24/2014 01:17:00 am

Office 365 IE8 support ends 8 April 2014

If you use IE8 with Office 365 it is now time to upgrade or deploy an alternate browser. I see this as a huge step forward, enabling new and the best experience in the browser for users... on any device!

 You can deploy a newer version of IE,  best to use IE10 or IE11. The latest version of Chrome, Firefox and Safari (on Mac) supported by the vendor are also designed to work with Office 365.

 TechNet: Office 365 System Requirements:
http://technet.microsoft.com/en-us/library/office-365-system-requirements.aspx

Office 365 is designed to work with the current or immediately previous version of Internet Explorer. We recommend that you upgrade to the latest version of Internet Explorer after it is released. Office 365 might continue to work with versions of Internet Explorer other than the current and immediately previous versions for some time after the release of a new version of Internet Explorer, but Office 365 can’t provide any guarantees.
When accessing Office 365 from older versions of Internet Explorer, users may experience known issues and limitations depending on the versions of Internet Explorer, including:
  • Internet Explorer 9   Office 365 does not offer code fixes to resolve problems you encounter when using the service with Internet Explorer 9. You should expect the quality of the user experience to diminish over time, and that many new Office 365 experiences might not work at all.
  • Internet Explorer 8   The user experience sending and receiving email with Outlook Web App and Internet Explorer 8 might be substantially diminished, especially when used on Windows XP or with low memory devices. Office 365 does not offer code fixes to resolve problems you encounter when using the service with Internet Explorer 8, and new Office 365 experiences might not work at all. You should also expect the quality of the user experience with Internet Explorer 8 to diminish further in the near future. After April 8, 2014, Internet Explorer 8 will only display Outlook Web App Light.

Posted by Daniel Noakes at 4/01/2014 01:26:00 am

OneDrive for Business - 1 TB quota available

If, unlike me, you are lucky enough to have a large storage pool in SharePoint Online it is now possible to assign 1024 GB / 1 TB  to OneDrive for Business Office 365 users. If you don't buy more storage each E user still gets 25 GB of personal storage and adds 500 MB to the overall pool.
 

OneDrive for business - 1TB quota












This started rolling out a week or so back, keep an eye out for it. I believe the maximum amount of storage which can be purchased per tenant is 25 TB... that is for now I guess.

More information on SharePoint Online and OneDrive for Business limits can be found here.
Posted by Daniel Noakes at 3/25/2014 07:57:00 am

Exchange Online: Get a Hybrd key

If you have or plan to deploy Exchange Hybrid within your Exchange Server 2003 or 2007 Org obtaining the key just became a lot easier.

http://aka.ms/hybridkey

This wizard drives through validating eligibility to issue Exchange Server 2010 or 2013 keys. This is for Hybrid only, so it is not permitted to host mailboxes.

Enjoy.
Posted by Daniel Noakes at 3/12/2014 02:17:00 am

Office 365 Servie Descriptions & Package This

These days I work almost exclusively with Office 365 and an essential tool in my bag are the service descriptions. These keep me honest, so as not to get confused or blur the line, and are essential reading for anyone undertaking an Office 365 deployment.
 
With "the new Office 365" Microsoft has shifted away from Word documents to publishing them directly on TechNet. This is great because never again will I have out of date information, but not so great for taking it with me (offline) or including a copy with a business document.
 
Office 365 Service Desciptions on TechNet
Office 365 Service Descriptions on TechNet:  http://technet.microsoft.com/en-us/library/jj819284.aspx
 
The problem comes when I want to read these offline (in bed, on the train) or bundle them in to a report or proposal. Searching on TechNet isn't really that focussed and results can vary.
 
So, how to resolve this? You could print/save to PDF or OneNote, which is ok but I find Pack This on CodePlex particularly useful.
 
"Package This is a GUI tool written in C# for creating help files (.chm and .hxs) from the content obtained from the MSDN Library or the TechNet Library via the MSDN Content Service. You select the content you want from the table of contents, build a help file, and use the content offline. You are making personalized ebooks of MSDN or TechNet content. Both help file formats also give full text search and keyword search."
 
With Package This I can export to CHM or HXS for offline viewing and searching. An XML file can be saved targeting the specific content on TechNet or MSDN for easy updating in the future.

Package This on CodePlex: http://packagethis.codeplex.com/
Posted by Daniel Noakes at 3/03/2013 02:00:00 am
Subscribe to: Posts (Atom)