Before you can use Azure AD to enroll your Windows devices, you must configure AirWatch to use Azure AD as an Identity Service. Enabling Azure AD is a two-step process that requires the MDM-enrollment details to be added to Azure. Adding these details provides the Tenant ID and Tenant Name that AirWatch and Azure need to sync.
You must have a Premium Azure AD subscription to integrate Azure AD with AirWatch. Azure AD integration with AirWatch must be configured at the tenant where Active Directory (such as LDAP) is configured.
If you are setting the Current Setting to Override on the Directory Services system settings page, the LDAP settings must be configured and saved before enabling Azure AD for Identity Services.
To configure Azure AD for Identity Services:
Navigate to Groups & Settings > All Settings > System > Enterprise Integration > Directory Services.
Enable Use Azure AD for Identity Services under Advanced options.
Log in to the Azure Management Portal with your Microsoft account or organizational account.
- Select your directory and navigate to the Applications tab.
- Select Add an application from gallery.
Select Mobile Device Management on the left, then search for AirWatch by VMware. Select the checkmark in the bottom right of the screen.
Return to the Applications tab to locate the Tenant ID and Tenant Name from your Azure directory.
The Azure Tenant ID is found in your Azure AD Directory Instance URL.
The Azure Tenant Name is the name of your Azure Directory. You can find the name under the Domain tab.
Return to the AirWatch Console and select Use Azure AD for Identity Services to configure Azure AD Integration.
- Enter the Tenant Identifier and Tenant Name.
- Select Save to complete the process.
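Before saving, it is worth confirming that the Tenant Identifier and Tenant Name belong to the same directory. The following is an added example, not part of the AirWatch documentation. It assumes Azure AD's public OpenID Connect discovery endpoint, which this page does not mention; the function names are hypothetical and the sample tenant values are constructed.

```python
import json
import re
import uuid
from urllib.request import urlopen

# Public OpenID Connect discovery endpoint for an Azure AD tenant (assumption:
# not referenced by the AirWatch procedure itself).
DISCOVERY = "https://login.microsoftonline.com/{name}/.well-known/openid-configuration"
DOMAIN_RE = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$")
GUID_RE = re.compile(r"[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)


def discovery_url(tenant_name):
    """Build the discovery URL, rejecting anything that is not a plain domain."""
    name = tenant_name.strip().lower()
    if not DOMAIN_RE.match(name):
        raise ValueError(f"not a domain name: {tenant_name!r}")
    return DISCOVERY.format(name=name)


def tenant_id_from_metadata(metadata):
    """Extract the tenant GUID that Azure AD embeds in the 'issuer' URL."""
    match = GUID_RE.search(metadata.get("issuer", ""))
    if not match:
        raise ValueError("no tenant GUID in issuer")
    return str(uuid.UUID(match.group(0)))


def pair_matches(tenant_id, metadata):
    """True if the ID to be entered is the one the tenant name resolves to."""
    entered = str(uuid.UUID(tenant_id.strip()))  # accepts braces and upper case
    return entered == tenant_id_from_metadata(metadata)


def fetch_metadata(tenant_name):
    """Live lookup (needs network); not called by the sample run below."""
    with urlopen(discovery_url(tenant_name), timeout=10) as resp:
        return json.load(resp)


# Constructed sample response for a constructed tenant, so this runs offline.
SAMPLE = {"issuer": "https://sts.windows.net/11111111-2222-3333-4444-555555555555/"}

if __name__ == "__main__":
    print(discovery_url("contoso.onmicrosoft.com"))
    print(pair_matches("{11111111-2222-3333-4444-555555555555}", SAMPLE))  # matching pair
    print(pair_matches("11111111-2222-3333-4444-000000000000", SAMPLE))    # mistyped ID
```

For a live check, pass the result of `fetch_metadata("<your tenant name>")` to `pair_matches` in place of `SAMPLE`.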