deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Paolo Matarazzo 2022-09-22 10:03:25 -04:00
parent 70a0bf37da
commit 4ff329f49a
2 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
education/windows/federated-sign-in.md
View File

@ -83,19 +83,19 @@ Once the devices are configured, a new sign-in experience becomes available.
As the end users enter their username, they'll be redirected to the identity provider sign-in page. Once users are authenticated by the IdP, they'll be be signed-in. In the following animation, you can see how the first sign-in process works: As the end users enter their username, they'll be redirected to the identity provider sign-in page. Once users are authenticated by the IdP, they'll be be signed-in. In the following animation, you can see how the first sign-in process works:
:::image type="content" source="./images/federated-sign-in-windows-se.gif" alt-text="Windows 11 SE sign-in using federated sign-in through Clever and QR code badge." border="false"::: :::image type="content" source="./images/win-11-se-federated-sign-in.gif" alt-text="Windows 11 SE sign-in using federated sign-in through Clever and QR code badge." border="false":::
> [!IMPORTANT] > [!IMPORTANT]
> Once the policy is enabled, the first user to sign-in to the device will also set the disambiguation page to the identity provider domain on the device. This means that the device will be defaulting to that IdP. The user can exit the federated sign-in flow by pressing <kbd>Ctrl</kbd>+<kbd>Alt</kbd>+<kbd>Delete</kbd> to get back to the standard Windows sign-in screen. > Once the policy is enabled, the first user to sign-in to the device will also set the disambiguation page to the identity provider domain on the device. This means that the device will be defaulting to that IdP. The user can exit the federated sign-in flow by pressing <kbd>Ctrl</kbd>+<kbd>Alt</kbd>+<kbd>Delete</kbd> to get back to the standard Windows sign-in screen.
## Important considerations ## Important considerations
- Network and Accessibility menus aren't available in the web sign-in flow. They can be accessed on the standard Windows sign-in page. While in the web sign-in flow, press <kbd>Ctrl</kbd>+<kbd>Alt</kbd>+<kbd>Delete</kbd> and the classic Windows sign-in UI will be shown, along with the buttons that launch those menus. Federated sign-in doesn't work on devices that have the following features enabled:
- Federated sign-in doesn't work on devices that have the following features enabled:
- **EnableSharedPCMode**, which is part of the [SharedPC CSP][WIN-1] - **EnableSharedPCMode**, which is part of the [SharedPC CSP][WIN-1]
- **PreferredAadTenantDomainName**, which is part of the [Authentication CSP][WIN-2] - **PreferredAadTenantDomainName**, which is part of the [Authentication CSP][WIN-2]
- The security policy **Interactive logon: do not display last signed in**, which is part of the [Policy CSP][WIN-3] - The security policy **Interactive logon: do not display last signed in**, which is part of the [Policy CSP][WIN-3]
- **Take a Test**, since it leverages the security policy above - **Take a Test**, since it leverages the security policy above
## Troubleshooting ## Troubleshooting

0
education/windows/images/federated-sign-in-windows-se.gif → education/windows/images/win-11-se-federated-sign-in.gif
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 5.3 MiB

After

Width:  |  Height:  |  Size: 5.3 MiB