Do the users also have a hybrid identity; i.e., are the on-prem AD user accounts also synced to Azure AD using AAD Connect? If so, that is all that is required to deploy apps from the Microsoft Store for Business to users using ConfigMgr. No client-side configuration or logins are required.
Azure AD Autojoin for Business Store
Good evening,
I have a challenge regarding Azure Active Directory and I wonder whether someone can help me with it.
My client wants me to provide a prototype for a Microsoft Store for Business. As deployment platform we want to use Endpoint Configuration Manager.
I already set up an app registration inside our AAD and started synchronizing apps. Deploying offline apps is already working. I have problems deploying online apps. According to Microsoft's documentation I need an Azure AD (hybrid) joined device and an Azure AD user to install online apps from Business Store through ECM. In a testing environment I enabled Hybrid Azure Active Directory Join for devices and Pass Through Authentication for users. I configured our GPOs to join my testing devices to AAD.
With dsregcmd I confirmed that this works.
In our environment all users sign in with their On Premise AD Account and we'd like to keep it that way. Therefore installing online apps is not possible. As a solution I tried adding a "Work Account" in Windows settings. After adding this account, application deployment works. Now my question is: Is it possible to automate this task so that the Azure AD account is linked automatically? Or is there another way to deploy online apps through ECM?
I'm sorry if this question is a little confusing. I'm an Azure newbie. I appreciate any help. Thanks
1 answer
Jason Sandys 31,311 Reputation points Microsoft Employee
2021-01-15T22:46:37.49+00:00