Azure AD SAML SSO and AAD joined devices (docs outdated)
Upon investigation, all of these users were on AAD joined devices and used PIN or FaceID authentication to log on their machines.
To work around the problem, one could either :
- Open PMP in a private tab, forcing password and MFA use every time
- Lock the AAD joined device and unlock using a password, then go to PMP
On the server, a permanent fix is possible by adding the undocumented value
New to ADSelfService Plus?