Before you can use Azure AD to enroll your Windows devices, you must configure AirWatch to use Azure AD as an Identity Service. Enabling Azure AD is a two-step process which requires the MDM-enrollment details to be added to Azure. Adding these details provides the Tenant ID and Name details for AirWatch and Azure to sync.

Prerequisites

You must have a Premium Azure AD subscription to integrate Azure AD with AirWatch. Azure AD integration with AirWatch must be configured at the tenant where Active Directory (such as LDAP) is configured.

Important:

If you are setting the Current Setting to Override on the Directory Services system settings page, the LDAP settings must be configured and saved before enabling Azure AD for Identity Services.

Procedure

To Configure Azure AD for Identity Services:

  1. Navigate to Groups & Settings > All Settings > System > Enterprise Integration > Directory Services.

  2. Enable Use Azure AD for Identity Services under Advanced options.

    Once enabled, take note of the MDM Enrollment and MDM Terms of Use URLs as they are needed when configuring the Azure directory.

  3. Log in to the Azure Management Portal with your Microsoft account or organizational account.

  4. Select your directory and navigate to the Applications tab.
  5. Select Add.

    AzureMarket

  6. Select Add an application from gallery.
  7. Select Mobile Device Management on the left then search for AirWatch by VMware. Select the checkmark in the bottom right of the screen.

    AzureAddApp

  8. Configure the AirWatch by VMware application by entering the MDM Enrollment URL and MDM Terms of Use URLs from the AirWatch Console. Then configure the Manage devices for these users settings based on your organization rules. Select Save to continue.
  9. Return to the Applications tab to locate the Tenant ID and Tenant Name from your Azure directory.

    The Azure Tenant ID is found in your Azure AD Directory Instance URL.

    The Azure Tenant Name is the name of your Azure Directory. You can find the name under the Domain tab.

    Win10_AzureConfig

  10. Return to the AirWatch Console and select Use Azure AD for Identity Services to configure Azure AD Integration.

  11. Enter the Tenant Identifier and Tenant Name.

  12. Select Save to complete the process.