ADFS Additional Authentication Rule for DRoid Devices

compdigit44
compdigit44 used Ask the Experts™
on
Using ADFS 3.0 additional authentication rules would the following be possible to create a rule that would do the following.

If OS = Android
And = IP address range is like 192.168.x.x as an example
Force Forms Authentication

If a device does not make this rule is would proceed with the normal Windows Integrated Authentication
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Jian An LimSolutions Architect
Top Expert 2016

Commented:
What you are looking for is a common issue for internal ADFS
You only can set either WIA/ basic OR FORM.

So you cannot achieve what you want.

What you could do is to force android device to not to use the internal ADFS but external ADWAP that is by default form based like usually external WIFI.

Author

Commented:
How would you do this "What you could do is to force android device to not to use the internal ADFS but external ADWAP that is by default form based like usually external WIFI"  So using and additional authentication that would look for the adroid agent string and forice the password authentication method would not work?
Solutions Architect
Top Expert 2016
Commented:
yes. it will not work. there is no such action to force the password authentication


setup a WIFI that DNS point to the external interface of ADWAP will always use form-based authentication

you can also try 3g, and it should always form-based

Author

Commented:
But you force different authentication methods i.e multiform factor.... how is this any different.

Thank you again for all of you help with this

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial