1,307 questions
Have you got a chance to look at it?
Federation - Sign in to Azure AD with Google Account - Issue with password,PIN for Azure AD Joined machines
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(124.80000000000001, 80%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
matekubi
26
Reputation points
Hello,
My goal is to log in with Google Account to Azure ID.
I was able to achieve this by running user provisioning in Google - now, the account created in Google are automatically created in Azure. It is fine.
The second step was adding the possibility to log in to Azure with Google Account - it is also done. Once I log to the Azure portal, it redirects me to Google and comes back to Azure. I did this by using: Set-MsolDomainAuthentication -Authentication Federated and some more parameters from Google.
Now, I want to connect some connect to Azure AD. After Windows 10 installation, I select WORK ACCOUNT and put my email. It is also working fine. It redirects me to Google and login correctly (federation works perfectly). Later told me that my company requires Windows Hello and ask me for creating PIN. After the creation of PIN I'm able to login to the system. Everything went fine.
Problems\Questions:
1) I can log in to the system by using PIN. What in case if I forgot PIN? When I select "I don't remember PIN on login screen" Windows starts "thinking" and after a few minutes its back me to the login screen again. Looks like I'm not able to reset the PIN. Something doesn't work.
2) Ok. I have a problem with PIN. So, let's try with the password. Trying....and see that password is incorrect. I know that I have federation to Google and Google stores my password but I was able to create this account (earlier by a redirect to Google), so, why I'm not able to do this now? During the login process? Something is wrong with Azure or my settings? It might be the BUG or something? Keep in mind that I have federation settings by: Set-MsolDomainAuthentication -Authentication Federated
3) I can't reset the password for the account in Azure AD portal. It is normal because Azure doesn't store my creational - only Google. But How can I fix the above two points? When I forgot PIN I have to reinstall the computer :) ???
I hope that everything above is clear. I was wondering why I'm facing those issues. Is there any "lack" in Azure for this federated setup or I did something wrong?
My Azure AD is in the version provided by Office 365.
Microsoft Security | Active Directory Federation Services
Microsoft Security | Microsoft Entra | Microsoft Entra ID
25,160 questions
{count} votes
-
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator2020-07-31T14:46:19.7+00:00 What extra parameters where used with Set-MsolDomainAuthentication? Where are you trying to reset the password?
-
matekubi 26 Reputation points
2020-08-03T10:06:05.317+00:00 1) Set-MsolDomainAuthentication
-DomainName $domainName
-FederationBrandName $domainName-Authentication Federated
-PassiveLogOnUri $passiveLogOnUri-ActiveLogOnUri $activeLogonUri
-SigningCertificate $signingCertificate-IssuerUri $issuerUri
-LogOffUri $logOffUri `
-PreferredAuthenticationProtocol "SAMLP"2) Azure Portal - Select user na try to reset password.
-
Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,526 Reputation points Moderator
2020-08-04T22:20:27.117+00:00 @matekubi i will try this on my end and come back to you.
-
matekubi 26 Reputation points
2020-08-05T07:03:44.89+00:00 Thank you. It would be great. Just let me know if you need anything to clarify.
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 97%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEC%3C/text%3E%3C/svg%3E)
Edomer Csury 1 Reputation point2021-02-17T21:30:45.617+00:00 Any chance, that you figured that out?
Sign in to comment