Using Workplace Join and a Web Application Proxy
To get Workplace Join working, double-check the following:
- Outside of your company network (aka “the internet”), ping “enterpriseregistration.yourpublicdomain.com”. It should resolve to the IP of your Web Application Proxy.
- If no IP is resolved, edit your public domain's DNS zone and add a CNAME “enterpriseregistration” pointing to your Web Application Proxy server name.
- RDP into your Web Application Proxy and ping “enterpriseregistration.yourpublicdomain.com”
- If ping fails, edit your hosts file.
- RDP into your Web Application Proxy, open a browser and enter:
https://enterpriseregistration.EXTERNALDOMAIN.com/EnrollmentServer/contract?api-version=1.0
You should get a response:
From an external non-domain joined client:
- Import the root CA certificate if you are using self-signed certificates on the ADFS server
- Open a browser and navigate to
https://enterpriseregistration.EXTERNALDOMAIN.com/EnrollmentServer/contract?api-version=1.0
- If you get a response, Workplace Join should work.
- If you don't: RDP to your Web Application Proxy and add a Published Web Application as shown in the screenshot below
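The checks above can be collected into one PowerShell script and run from the external client or from the proxy. This is an added example, not part of the original post: the domain and IP defaults are placeholders, and it assumes Windows 8.1 / Server 2012 R2 or later for `Test-NetConnection`.

```powershell
# Added example, not from the original post. Both default values are placeholders.
param(
    [string]$PublicDomain    = 'EXTERNALDOMAIN.com',  # placeholder domain used in the post
    [string]$ExpectedProxyIp = '203.0.113.10'         # constructed sample; use your proxy's public IP
)
$hostName = "enterpriseregistration.$PublicDomain"
$url      = "https://$hostName/EnrollmentServer/contract?api-version=1.0"

# 1. DNS: the name must resolve to the Web Application Proxy.
#    Resolve-DnsName still answers when ICMP is filtered and ping would time out.
try {
    $ips = @(Resolve-DnsName -Name $hostName -Type A -ErrorAction Stop |
             Where-Object { $_.Type -eq 'A' } | ForEach-Object { $_.IPAddress })
} catch { $ips = @() }
if ($ips.Count -eq 0) {
    Write-Warning "DNS: $hostName does not resolve. Check the CNAME in the public zone."
    return
}
if ($ips -notcontains $ExpectedProxyIp) {
    Write-Warning "DNS: $hostName resolves to $($ips -join ', '), expected $ExpectedProxyIp."
}

# 2. TCP 443 must be reachable before the HTTPS request can succeed.
if (-not (Test-NetConnection -ComputerName $hostName -Port 443).TcpTestSucceeded) {
    Write-Warning "TCP: cannot connect to ${hostName}:443."
    return
}

# 3. HTTPS: request the enrollment contract URL from the post.
try {
    $r = Invoke-WebRequest -Uri $url -UseBasicParsing -ErrorAction Stop
    Write-Output "HTTPS: status $($r.StatusCode), $($r.RawContentLength) bytes returned."
} catch {
    # Walk the exception chain to tell a certificate trust failure
    # (import the root CA) from an HTTP error (check the published application).
    $chain = @()
    for ($e = $_.Exception; $e; $e = $e.InnerException) { $chain += $e }
    $tls = $chain | Where-Object {
        $_ -is [System.Security.Authentication.AuthenticationException] -or
        ($_ -is [System.Net.WebException] -and $_.Status -eq 'TrustFailure')
    }
    if ($tls) { Write-Warning "TLS: certificate not trusted by this client. $($chain[-1].Message)" }
    else      { Write-Warning "HTTPS: request failed. $($chain[0].Message)" }
}
```

A TLS warning on the external client but not on the proxy points at the missing root CA import rather than at the published application.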