This topic demonstrates how to use Workplace Join to connect your Windows device with your workplace and how to access a web application by using Single Sign-On. You must complete the steps in the Set up the lab environment for AD FS in Windows Server 2012 R2 section before you can try out this walkthrough.
Access the web application before device registration
In this walkthrough, you access a company web application before you join your device to the workplace. The webpage displays the claims that were included in your security token. Notice that the list of claims does not include any information about your device. You might also observe that you do not have Single Sign-On.
To access the web application before you use Workplace Join on your device
Notice that you are prompted to enter your credentials again. You are not connected to the workplace from a device with Workplace Join and therefore do not have Single Sign-On.
Join your device with Workplace Join
Important
For Workplace Join to succeed, the client computer (Client1) must trust the SSL certificate that was used to configure Active Directory Federation Services (AD FS) in Step 2: Configure the Federation Server with Device Registration Service (ADFS1). It must also be able to validate revocation information for the certificate. If you have any issues with Workplace Join, you can view the event log on Client1.
To see the event log, open Event Viewer, expand Applications and Services Logs, expand Microsoft, expand Windows, and then click Workplace Join.
To join your device with Workplace Join
Log on to Client1 with your Microsoft account.
On the Start screen, open the Charms bar, and then select the Settings charm. Select Change PC Settings.
On the PC Settings page, select Network, and then click Workplace.
In the Enter your UserID to get workplace access or turn on device management box, type roberth@contoso.com, and then click Join.
When you are prompted for credentials, type roberth@contoso.com, and password: P@ssword. Click OK.
You should now see the message: "This device has joined your workplace network."
Access the web application after joining the workplace
In this part of the demonstration, you access a company web application from your device that is connected with Workplace Join. The webpage displays the claims that were included in your security token. Notice that the list of claims includes both device and user information. You might also observe that you now have Single Sign-On.
To access the web application after joining the workplace
Notice that you are not prompted to enter your credentials again. You are connected from a device with Workplace Join and therefore have Single Sign-On.