In our current configuration, trying to authenticate as a user in Workspace ONE Access will probably fail. This is because no authentication method is available to users that can authenticate them successfully.

The simplest way to fix this is to enable Password (cloud deployment) so that our users are able to authenticate with their Active Directory credentials using the Identity Manager Connector we installed and configured. What’s great about this method is that it’s outbound, meaning that a user authentication request never comes inbound, so there are no inbound firewall rules.

Let’s look at how to configure this authentication method and set up our default access policy to use it.

We need to go to our Workspace ONE Access Tenant admin portal.

Go to Identity & Access Management, Manage, and then Identity Providers.

We now need to select the Built-in Identity Provider.

Select your internal directory/domain.

Select the ALL RANGES network.

Select your Connector from the dropdown list.

Then associate this authentication method with the Connector and press Save!

Now we need to update our Access Policies to use this authentication method.

Select ‘Policies’ and EDIT DEFAULT POLICY.

 
Inside your policy, there should be two entries by default. Click on the ALL RANGES option for each device type that is listed.

Make sure that Password (cloud deployment) is the first in the list. Press SAVE and repeat for other entries/device types.

 
We can now have users authenticate with their Active Directory credentials.
To see this end to end, below is a video.
Next up, we need to configure device enrollment.