
EricW.33597 (Customer) asked a question.
We've recently enabled hybrid in our organization to use Intune, and I cannot get devices to register since our on-prem domain isn't matching our primary domain in M365. When I try to set the domain as primary in our M365 tenant, I'm getting "You can't set a federated domain as the default. Choose a different domain and try again." Since Okta is using the domain that I need, what can I do? I really want to get our devices enrolled into Intune so we can start having some fun. Thanks...

Hi @EricW.33597 (Customer), thank you for reaching out to the Okta Community!
I haven't been able to locate any explicit documentation for this use case. The Okta/Intune docs that I found mostly discuss Okta Verify, not the Okta WS-Fed part of things.
One thing that is certain is that the federated domain cannot be the primary domain.
I tried checking outside sources as well to see if the use case or the problem is common, and the closest thing I could find is this. That being said, I cannot vouch for the information mentioned there, so I would recommend checking with Microsoft Support to clarify the requirements for the Intune implementation in relation to a third-party IdP like Okta.
Regards.
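An added diagnostic to go with the reply above; it is not code from the thread, from Okta, or from Microsoft's documentation. It lists the tenant's custom domains with their authentication type and default flag, so you can see which domain is currently federated (to Okta) and which verified, managed domains the tenant would actually accept as the default. It assumes the Microsoft Graph PowerShell SDK is installed and that the signed-in account holds the Domain.Read.All permission; the cmdlet and property names used (Get-MgDomain, AuthenticationType, IsDefault, IsInitial, IsVerified) are the SDK's own. It only reads state and changes nothing.

```powershell
# Added diagnostic, not from the original thread. Requires the Microsoft Graph
# PowerShell SDK (Install-Module Microsoft.Graph) and an account with Domain.Read.All.
Connect-MgGraph -Scopes "Domain.Read.All"

# Properties exposed by Get-MgDomain that matter for the "can't set a federated
# domain as the default" error:
#   AuthenticationType : "Managed" (cloud-authenticated) or "Federated" (external IdP, e.g. Okta via WS-Fed)
#   IsDefault          : the tenant's current default (primary) domain
#   IsInitial          : the *.onmicrosoft.com domain created with the tenant
#   IsVerified         : DNS ownership has been proven
$domains = Get-MgDomain | Select-Object Id, AuthenticationType, IsDefault, IsInitial, IsVerified

# Full picture, default domain first
$domains | Sort-Object IsDefault -Descending | Format-Table -AutoSize

# Domains the tenant will accept as default: verified and not federated
$candidates = $domains | Where-Object { $_.IsVerified -and $_.AuthenticationType -ne 'Federated' }
"Default-eligible domains: " + (($candidates | ForEach-Object { $_.Id }) -join ', ')

# Federated domains are the ones that trigger the error quoted in the question
$federated = $domains | Where-Object { $_.AuthenticationType -eq 'Federated' }
foreach ($d in $federated) {
    "$($d.Id) is federated (AuthenticationType=$($d.AuthenticationType)); it cannot be set as default while federation is in place."
}
```

Run it in a tenant-admin PowerShell session before opening a case with Microsoft Support: the output shows exactly which domain Okta federation is holding and which alternatives are eligible, which is the information the support engineer will ask for first.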