Modern Authentication and Exchange Online

  • 142 Views
  • Last Post 22 June 2017
Anthony.Vandenbossche posted this 21 June 2017

Hello All,   I was wondering if anyone here knows anything about compatibility for ADAL on Windows Phone 8 and 10? This is the only useful piece of information I found thusfar:  

Office client application Windows Mac OS X Windows Phone iOS Android
Office clients Available now for Office 2013 and Office 2016. Available now for Office 2016. Also available for OneNote 2014. Available now. Word, Excel and PowerPoint are available now for both phones and tablets. Word, Excel and PowerPoint are available now for both phones and tablets.
Skype for Business (formerly Lync) Included in Office client. Available now. Available now. CBA and other modern features not yet supported. Available now*. Available now*.
Outlook Included in Office client. Available now. Coming soon. Available now. Available now.

      It states that support for ADAL on Windows Phone is coming soon (while Android and iOS are already supported J). Any of you guys have experience with enabling ADAL, especially concerning Mobile Devices such as Windows Phone devices?   Many thanks!
ANTHONY VAN DEN BOSSCHE

 

Order By: Standard | Newest | Votes
joe posted this 21 June 2017

I believe most of the MS apps support modern auth on WP10 including the native email app. I've not actually use the Outlook app yet so I'm not certain. I'm less certain what the status of all these things are for WP 8.1 although I think the story is similar, perhaps with the exception of native mail.
There are probably some weird combo cases for Skype that don't work that well as Skype logs in to both Skype and Exchange and those can have different hosting and auth models. It gets to be a mess in a hurry. If you have a straight cloud deployment of both I expect it would likely work fine though.
That said, WP is NOT getting upgrades and fixes, even from MS. If you do run into small bugs with specific deployment scenarios, don't expect them to get fixed. An example I can provide is that the OneDrive client for WP 8 will fail to authenticate against O365/Azure AD IF the user is federated to ADFS and IF ADFS is configured to do device-based authentication for down level clients using Client TLS. This is because ADFS will generate an optional client TLS request to the OneDrive app that the ADAL library in that version of the client will just choke on, even though the server considered the response optional. MS will not fix that. This problem does not existing in the WP 10 version of the OneDrive app. This is a fairly bizarre edge case but is intended to provide a specific example of the kinds of corner cases you may run into where things don't work even when they probably should.
So, the devil may be in the very picky details as to the experience you actually get and ability to get fixes to problems you find will be basically zero.
Joe K.


show

Anthony.Vandenbossche posted this 22 June 2017

Thanks Joe, I concur that it is a pain in the ass that there seems to be no real release management, across platforms. In my case OneDrive is only used on fat clients running

W10 so that’s good J.

 

The test results, after enabling ADAL, where pretty good. We did not hear of any issues of end users. For Outlook 2016, we deployed the ADAL regkey to disable it on all clients.

This way we can test easily. End-goal is MFA within the Outlook client and that succeeded.

 

Thanks again!

 


ANTHONY VAN DEN BOSSCHE





 

show

Close