There are three ways to integrate Microsoft Azure cloud identity with PaperCut: Options for syncing PaperCut NG/MF with Azure AD Please see our Known issue for federated accounts for more information. Setting up Azure AD sync or Azure AD Secure LDAP syncĪ note about federated accounts Azure environments with federated accounts enabled will not be able to authenticate in PaperCut with the username/password method. Recommendations when using the standard Azure AD sync method
Options for syncing PaperCut NG/MF with Azure ADĭeciding which cloud-only sync method is right for you By default, all events of a day are displayed together and can then be expanded.PRODUCTS FEATURED Overview of synchronizing user and group details with Azure AD The important thing about the non-interactive logs is that the events are grouped together. The sign-in is done at the Policy Administration Service from an IP address from the Microsoft data center in Amsterdam (West Europe). The following Windows Sign-In logs caught my eye. In the first step, I only filtered for incorrect logins for the affected user. This was to be expected, since the sign-in with Windows Hello for Business is not interactive, but is performed with the Azure AD user certificate. There is no information about this login in the interactive sign-in logs. Since this is a login to Azure AD, there must be other logs available. The sign-in event is logged with an incorrect login in the context of the SYSTEM account.įurther information could not be found on the server. The security event log on the server was not very fruitful. The installed Windows 10 version is 1809 or newerįor sign-in with biometrics this is necessary, with PIN it worked longer.The client has Windows Hello for Business configured.Microsoft’s Troubleshooting Guide describes that the cause is a conditional access policy configured with multi-factor authentication (MFA), an unsupported Windows 10 client version, and Windows Hello for Business not enabled.
Try a different sign-in method or contact your system administrator. The sign-in method you’re trying to use isn’t allowed.
0 kommentar(er)
