Using Workplace Join and a Web Application Proxy

In order to have Workplace Join working, double-check the following:

  • Outside of your company network (aka “the internet”)
    Ping “enterpriseregistration.yourpublicdomain.com”, it should resolve to the IP of your Web Application Proxy.
    • If case no IP is resolved, edit your public domains DNS zone and add a CNAME “enterpriseregistration” pointing to your Web Application Proxy servername.
  • RDP into your Web Application Proxy and ping “enterpriseregistration.yourpublicdomain.com”
    • If ping fails, edit your hosts file.
  • RDP into your Web Application Proxy, open a browser and enter:

https://enterpriseregistration.EXTERNALDOMAIN.com/EnrollmentServer/contract?api-version=1.0

You should get a response:

image

From an external non-domain joined client:

  • Import the root CA certificate in case you are using self-signed certificates on the ADFS server
  • Open a browser and navigate to

https://enterpriseregistration.EXTERNALDOMAIN.com/EnrollmentServer/contract?api-version=1.0

  • In case you get a response, Workplace Join should work.
    • In case it doesn’t: RDP to your Web Application Proxy and add a Published Web Application like shown in the screenshot below

image      
 
Consider leaving a reply in case this post helped you. Thanks!