Help

Templafy SSO failure with Microsoft Enterprise SSO extension

infrase2020
New Contributor III

Posted on ‎10-24-2023 04:50 AM

Hi,

We have an issue with templafy where SSO fails when we have the Microsoft Enterprise SSO plug in enabled. 

I removed the profile from my machine and SSO works.

My question is does anyone know how to bypass or exclude SSO for Templafy as the documentation suggests you need the bundle ID but i do not want to exclude SSO for all office apps that may use SSO? 

Thanks in advance.

0 Kudos
8 REPLIES 8

mbrown2157
New Contributor III

Posted on ‎10-24-2023 01:53 PM

Same issue here with a few of our users.  I have a Microsoft ticket opened, I will post if I find out anything.  I have not been able to reproduce this on my device, so troubleshooting will be difficult.  This was also posted yesterday.

https://community.jamf.com/t5/jamf-pro/ms-teams-microsoft-sso-extension-teams-sign-in-error-1000-100...

 

0 Kudos

barrycuda
New Contributor II

Posted on ‎10-24-2023 03:09 PM

Hopefully Microsoft gets back to you.  We are in the middle of migrating to Jamf so half of our users are still on Intune, the problem is that you cannot have Intune remove the profile because the Company portal app is impacted by this so it is broke as well.  Not for sure how to remove that profile manually or disable the Microsoft Enterprise SSO plugin manually.

0 Kudos

mbrown2157
New Contributor III

Posted on ‎10-24-2023 03:13 PM

Disabling Enterprise SSO is as simple as un-scoping the profile.  It takes affect almost instantly.

0 Kudos

barrycuda
New Contributor II

Posted on ‎10-24-2023 03:17 PM

I can un-scope in Jamf and that is fine..  But un-scoping in Intune does not work because the profile won't remove from the client, which I suspect is because the issue impacts the Company Portal app.

0 Kudos

mbrown2157
New Contributor III

Posted on ‎10-24-2023 03:23 PM

ouch good point, I am doing this from the jamf side.

0 Kudos

infrase2020
New Contributor III

Posted on ‎10-25-2023 01:29 AM

I fixed the issue with the SSO extension breaking authentication to Templafy (via O365 Apps such as Word).

Basically the Microsoft article suggests this is only for iOS devices however thats not true as its not working for macOS devices. 

Add the following key and string to the plist config:

<key>AppCookieSSOAllowList</key>

    <string>com.microsoft.Word,com.microsoft.Excel,com.microsoft.Powerpoint</string>

 

infrase2020_0-1698222502517.png

 

0 Kudos

mbrown2157
New Contributor III

Posted on ‎10-25-2023 05:15 AM

Looking at the other thread posted above, looks like it was in fact the company portal app.  Microsoft put a new version out last night which seems to have corrected it on my test device.

0 Kudos

barrycuda
New Contributor II

Posted on ‎10-25-2023 12:19 PM

I can confirm that the updated company portal app solved our issues.

0 Kudos