I saw the post from 6 months ago about this. I'm posting this again. Hopefully, it will generate more traffic.
Setting up AzureAD user synchronization and enabling users to sign in with Microsoft doesn't appear to actually let anyone sign into the Sophos Self-service Portal. It appears that I still need to send an enrollment email to each user before they can sign in and register their mobile device.
Is this accurate?
If this is by design, that's crazy. Why bother to have controls for sign-in at all? I think allowing users to sign in with their Microsoft credentials should actually... allow users to sign in with Microsoft credentials. Why is it necessary to send everyone an enrollment email?
If I wanted to do that, I wouldn't have bothered to set it up to use Microsoft creds in the first place.
I've already upvoted the suggested fix; I just want to generate traffic about this topic to hopefully push it up the priority list, because the current requirement is nonsensical.