Hi,
I have setup Workfolders using ADFS authentication, I am now implementing workplace join (hoping that Microsoft will soon be releasing the iOS client for workfolders). I can workplace join my test laptop which runs Windows 8.1 when I'm connected to the network (connecting directly to ADFS server). But when I'm outside the network (connecting through Web Application Proxy) I get the error:
"Confirm you are using the correct sign-in info, and that your workplace uses this feature. Also, the connection to your workplace might not be working right now. Please wait and try again."
I have looked in the event viewer and the last log says "Workplace Join discovery succeeded" so it's finding the server.
One thing I have noticed is if I go to https://enterpriseregistration.domainname/enrollmentServer/contract?api-version=1.0 I get the following:
"<Discovery xmlns=http://schemas.datacontract.org/2004/07/Microsoft.DeviceRegistration.Entitiesxmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<DeviceRegistrationService>
<RegistrationEndpoint>https://fs.domainname/EnrollmentServer/DeviceEnrollmentWebService.svc</RegistrationEndpoint>
</AuthenticationService>
<IdentityProviderService>
But if I am outside the network and go to the same address (so going through web application proxy) I get the following:
https://fs.domainname/EnrollmentServer/DeviceEnrollmentWebService.svcurn:ms-drs:fs.domainname1.0https://fs.domainname/adfs/oauth2/authorizehttps://fs.domainname/adfs/oauth2/tokenhttps://fs.domainname/adfs/ls
So basically just the values of the xml are being returned. If I view source on the page I see the full xml is being sent, so is the Web Application Proxy is changing the MIME type? I'm guessing this is why it isn't working outside as the Workplace Join client isn't understanding what's being returned.
Hope somebody can help.
Thanks,
Andy