
KB44882 - AAA/Pulse: SAML login fails for macOS endpoints after enabling conditional access in Azure


Information

 
Last Modified Date: 9/23/2021 11:15 PM
Synopsis
This article outlines a potential issue when using conditional access in Azure.
Problem or Goal
After the Azure team has enabled conditional access, users are no longer able to log in to Pulse Connect Secure (PCS) or Pulse Policy Secure (PPS) from a properly enrolled system when using the Pulse client with the embedded browser enabled.
When viewing the logs in Azure, the reason shown is that there was no device ID found.
When the user logs in from the same endpoint using a supported browser, the authentication completes successfully.
Cause
Solution

The Pulse Secure development team is investigating a solution to allow the standard embedded browser to query for the device ID successfully and submit it to Azure during the login process. This fix is currently targeted for the next major release of the Pulse client.

For immediate relief, the option Enable FIDO2 U2F for SAML Authentication can be enabled on the connection set (Users>Pulse Secure Client>Connections>connectionSetName). This downloads the Chromium Embedded Framework (CEF) to the endpoint for the Pulse client to use as the rendering engine.

Created By: Nick Christen
