How can we improve Azure Active Directory?

← Azure Active Directory

Implement the ability to join Mac OS X to Azure AD

It would great to have the ability to allow Mac OS X users with the ability to join Azure AD.

118 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Robert Martin shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

15 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Richard Brooks commented  ·   ·  Flag as inappropriate

    OK, I'm back again, with the same request. Microsoft MUST make it possible for Macintosh users to join Azure AD, or at least sync their local keychain password with Azure. It sucks that I have been harping on this for several years now, with NO intelligent response from anyone at Microsoft. Plus, I'm convinced someone cuts and pastes the requests they don't want to accumulate too many votes into smaller individual requests. Which means our voice (the USER voice) never sees the light of day.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Office 365 & mac users needs to have a UNIQUE password on device --> local account synchronized with azure ad or office 365 credentials directly for login. If direct integration with AAD is not possible, it could be implemented using managed apple id credentials (federated with azure ad). You implemented SSO but only for apps, why not for local keychain??

  • Richard Brooks commented  ·   ·  Flag as inappropriate

    We use Federated Identity in Apple Business Manager to sync AppleIDs with Azure Active Directory. We also run Mosyle Auth which allows us to logon to our Macs with our Office 365 credentials. Mosyle Auth syncs local Macintosh user passwords with AzureAD, but unfortunately, I must use Mosyle's MDM, when I'd rather use Intune. It's pretty convoluted, but it works. This demonstrates what happens when Microsoft decides to let the market come up with solutions to a problem that they should have solved in the first place.

  • Alex Withers commented  ·   ·  Flag as inappropriate

    We are using JumpCloud, would just be a much better offering if we could have it all in the same place to manage, especially for customers who are both Mac OSX & Windows

  • Richard Brooks commented  ·   ·  Flag as inappropriate

    Hey there is! I gave up waiting for Microsoft to fix this - believe me I've been on this rant for four years. We just implemented Mosyle MDM (business.mosyle.com), which is $1.00 per device per month, and added their **just released** Mosyle Auth, which lets my Mac users authenticate against Azure AD (or AD, or ADFS, or Google) from their logon screen. Mosyle Auth is an add-on which costs $0.34 per device per month. It's not full-on AD join; it only performs an authentication that, when successful, takes you to your Mac desktop. It then has a mechanism that sync's your Mac's local password to Azure. Performs SSO as well though I haven't tried that yet. So far it's working OK for us.

  • Dan Chemistruck commented  ·   ·  Flag as inappropriate

    JAMF Connect is cost prohibitive for organizations below 20 users. JumpCloud wants to be the source of authority for passwords, which isn't great.

    It would be great if there was an agent to deploy to MacOS to support Azure AD sign on.

  • Richard Brooks commented  ·   ·  Flag as inappropriate

    And finally, please gather together all the similar posts that are making this request and put them together in ONE. Then we can truly see just how many people are asking Microsoft for this same functionality.

  • Richard Brooks commented  ·   ·  Flag as inappropriate

    By the way, in the feature request entitled "Enable Apple Mac binding with Azure AD Domain Services", the idea was CLOSED without my question being answered. Here it is again, Azure AD Team Product Manager said "Moved to device registration based on user feedback that they want Macs to join Azure Active Directory (not Azure AD DS, which is possible) directly." But I can't find this feature request under Device Registration.
    Please tell me where I can go to this request so I can direct my Mac friends to go and vote for it.

  • Richard Brooks commented  ·   ·  Flag as inappropriate

    So this idea keeps getting rejected one way or another. So here we go again: Microsoft needs to fix this - and take responsibility for the ability for Windows AND Macintosh to connect to Azure AD from the login prompt. This way we can ditch our on premise Active Directory servers once and for all. Then and only then will I stop making these posts.

Azure Active Directory: End user experiences

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice