So, you’ve enabled Workspace ONE for your organisation, you’re on your way to End User Nirvana. Theres just one thing in your way, the Username and Password field! Workspace ONE is great at becoming a one stop shop for all Web, Native and Virtual Applications, leaving your users with just one password to remember. But… what if that could be a thing of the past! On a Workspace ONE Managed Device (macOS or Windows 10), your users can simply open their Browser of Choice (except Firefox, we’ll cover that later), et voilà . Logged in without a second thought.

Prerequisites

  • Workspace ONE Identity Manager
  • Workspace ONE UEM Console
  • A Certificate Authority configured within Workspace ONE UEM to issue user certificates

macOS – Chrome

To enable the selection of the User certificate within Chrome, we need to configure the AutoSelectCertificateForUrls policy. This can be achieved with the below Custom XML. Points to change:
  • pattern: the CAS URL for your Identity Manager tenant. In this example, its https://cas.vidmpreview.com/
  • filter: The ISSUER: should be the Issuer name of your CA. Something like “Company Issuing CA“.
Leave everything else default.
<dict>
<key>AutoSelectCertificateForUrls</key>
<array>
 <string>{"pattern":"https://cas.vidmpreview.com/","filter":{"ISSUER":{"CN":”your-domain-AD01-CA"}}}</string>
</array>
<key>PayloadEnabled</key>
<true/>
            <key>PayloadDisplayName</key>
            <string>Google Chrome Settings</string>
            <key>PayloadEnabled</key>
            <true/>
            <key>PayloadIdentifier</key>
            <string>com.google.Chrome.4F720473-6832-4CE0-A895-E9C3FC6F8CBD</string>
            <key>PayloadType</key>
            <string>com.google.Chrome</string>
            <key>PayloadUUID</key>
            <string>4F720473-6832-4CE0-A895-E9C3FC6F8CBD</string>
            <key>PayloadVersion</key>
            <integer>1</integer>
</dict>

Extra! Windows 10 – Chrome

Details provided by the Legendary Charlie Hodge EUCSE Bloghttps://blog.eucse.com/windows-10-true-sso-using-chrome/ 

Further Resources

WorkspaceONE UEM Integration with Microsoft ADCS via DCOM ​Chrome troubleshooting: chrome://policy
IDM– Activity Reports
Spread the love