Skip to content

Commit 6606e13

Browse files
MicrosoftGuyJFloMicrosoftGuyJFlo
committed
[Azure AD] Devices - Hybrid join URLs update
1 parent b0f2c26 commit 6606e13

File tree

1 file changed

+2
-3
lines changed

1 file changed

+2
-3
lines changed

articles/active-directory/devices/hybrid-azuread-join-managed-domains.md

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ services: active-directory
66
ms.service: active-directory
77
ms.subservice: devices
88
ms.topic: tutorial
9-
ms.date: 10/22/2021
9+
ms.date: 10/25/2021
1010

1111
ms.author: joflore
1212
author: MicrosoftGuyJFlo
@@ -71,10 +71,9 @@ Hybrid Azure AD join requires devices to have access to the following Microsoft
7171
- `https://login.microsoftonline.com`
7272
- `https://device.login.microsoftonline.com`
7373
- `https://autologon.microsoftazuread-sso.com` (If you use or plan to use seamless SSO)
74-
- `https://enterpriseregistration.windows.net`
7574

7675
> [!WARNING]
77-
> If your organization uses proxy servers that intercept SSL traffic for scenarios like data loss prevention or Azure AD tenant restrictions, ensure that traffic to 'https://device.login.microsoftonline.com' is excluded from TLS break-and-inspect. Failure to exclude 'https://device.login.microsoftonline.com' may cause interference with client certificate authentication, causing issues with device registration and device-based Conditional Access.
76+
> If your organization uses proxy servers that intercept SSL traffic for scenarios like data loss prevention or Azure AD tenant restrictions, ensure that traffic to `https://device.login.microsoftonline.com` and `https://enterpriseregistration.windows.net`is excluded from TLS break-and-inspect. Failure to exclude these URLs may cause interference with client certificate authentication, cause issues with device registration, and device-based Conditional Access.
7877
7978
If your organization requires access to the internet via an outbound proxy, you can use [implementing Web Proxy Auto-Discovery (WPAD)](/previous-versions/tn-archive/cc995261(v=technet.10)) to enable Windows 10 computers for device registration with Azure AD. To address issues configuring and managing WPAD, see [Troubleshooting Automatic Detection](/previous-versions/tn-archive/cc302643(v=technet.10)). In Windows 10 devices prior to 1709 update, WPAD is the only available option to configure a proxy to work with Hybrid Azure AD join.
8079

0 commit comments

Comments
 (0)