Before you can use Azure AD to enroll your Windows devices, you must configure AirWatch to use Azure AD as an Identity Service. Enabling Azure AD is a two-step process which requires the MDM-enrollment details to be added to Azure. Adding these details provides the Tenant ID and Name details for AirWatch and Azure to sync.
If you are enrolling with a custom domain URL, the domain must be registered with the AirWatch Azure application. This registration requires the creation of a DNS record with your domain services provider. To register your domain, contact AirWatch Professional Services.
You must have a Premium Azure AD subscription to integrate Azure AD with AirWatch. Azure AD integration with AirWatch must be configured at the tenant where Active Directory (such as LDAP) is configured.
If you are setting the Current Setting to Override on the Directory Services system settings page, the LDAP settings must be configured and saved before enabling Azure AD for Identity Services.
To Configure Azure AD for Identity Services:
Navigate to Groups & Settings > All Settings > System > Enterprise Integration > Directory Services.
Enable Use Azure AD for Identity Services under Advanced options.
Log in to the Azure Management Portal (https://portal.azure.com) with your Microsoft account or organizational account.
- Select your directory and navigate to the Mobility (MDM and MAM) tab. This was formerly the Applications tab.
Select Add Application and select the AirWatch by VMware application..
Leave the AirWatch by VMware application on the default settings. Change the MDM user scope to All.
Navigate to the Properties tab to find the Azure Directory ID. This was formerly called the Tenant ID.
Select the User Account Details option in the top right corner.
The Azure Tenant Name is the name of your Azure Directory. You can find the name under the Domain tab.
- Return to the AirWatch Console and select Use Azure AD for Identity Services to configure Azure AD Integration.
- Enter the Azure Directory ID as the Tenant Identifier. Enter the name of your Azure Directory as the Tenant Name.
- Select Save to complete the process.