Open deniscep opened 3 years ago
From workspace subnet, allow on firewall: https://enterpriseregistration.windows.net - For device registration. http://169.254.169.254 - Azure Instance Metadata Service endpoint. https://login.microsoftonline.com - For authentication flows. https://pas.windows.net - For Azure RBAC flows.
Allow port 80 on NSG for http://169.254.169.254
https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows
@deniscep Am I right in thinking that these are probably rules that need configuring at the workspace level should machines want to be joined to Azure AD?
From workspace subnet, allow on firewall: https://enterpriseregistration.windows.net - For device registration. http://169.254.169.254 - Azure Instance Metadata Service endpoint. https://login.microsoftonline.com - For authentication flows. https://pas.windows.net - For Azure RBAC flows.
Allow port 80 on NSG for http://169.254.169.254
https://docs.microsoft.com/en-us/azure/active-directory/devices/howto-vm-sign-in-azure-ad-windows