I've already got a case logged with support about this, and frankly I'm left dumbstruck at what I'm being told.
To try and increase user adoption, we were looking to switch on the SSP. As we're a windows environment, it seemed logical to use our in Prem AD to provide authentication to the portal. It flat out won't work.
Support are saying that the *only* way it will work, is to wipe devices, re-enrol them using AD authentication to create the portal user login.
They've suggested using meraki authentication - However, as there's no way to bulk reset passwords, or have those passwords have a requirement to be changed at first logon, it could hardly be called an enterprise solution.
@Jeff_Longley Support is correct. For an AD user and his/her groups to sync over they must log in to a device during enrollment. Would it be possible to grab a spare device and just re-enroll it over and over to a different user? Syncing that AD user over to Meraki. Then (to prevent this problem in the future) enable AD authentication for device enrollment.
Find this helpful? Click the kudos button. Thanks!
Have already tried that - Its failed with both Meraki authentication and AD authentication (authenticates just fine during enrolment, just not for the portal).
Seems a backwards way of doing things, given you've an agent installed on a DC that can read all user information and authenticate the user; all that's left is to match the user to a device, which you can do in the dashboard.
Hi was you able to resolve this? I am trying to access with Meraki authentication and it doesn't allow. Says invalid login. Then after using the forgot password link on SSP sign in page, it allowed me to reset my password but then not allow login. Invalid login error again...
Edit: I can login with Meraki organisation admin accounts but not Owner accounts which kind of doesn't make sense for self service.