AnyConnect VPN client - SSO with Azure AD

Hi all, it seems users are prompted for their username and password every single time they connect - is there any way to have this SSO?

The value you are looking for them to change for you is forceauthn.

Look for Azure conditional access policies, specifically for a setting that relates to session. When editing the policy there’s a section named “session” that has all the dials you need to implement this. However, I don’t exactly know your setup to adequately say if it will work because you haven’t specified your setup. Are your clients AAD joined? Hybrid with password sync? Or are these standalone endpoints connecting in?

Contact support - they can change it back to the way it worked in firmware 16.16.

In 16.16.2+ and 17.7+ a change was made to force authentication in the SAML request sent by the MX to the Identity Provider. This means that each time a user tries to re-authenticate, user credentials will be required.

Thanks all, I asked Meraki support to set the Forceauthn= value to true and it’s fixed!

We have this exact issue. We contacted MS since it happened on the day when they had their problems, but now I am going to put in a ticket with Meraki.

It’s a config on the Meraki side, nothing to do with your CAPs. Had to get them to change mine to require auth every time (the opposite of what OP wants). Hopefully we get a portal button for it in the future but for now support sets it.

It’s on the Meraki side, they have to change a setting.