Intune | MD-102

Enable Azure SSO for Chrome Using Intune: Step-by-Step Guide 2026

ByTechieGeek March 29, 2026March 29, 2026

Set up single sign-on in Google Chrome with Microsoft Intune. This step-by-step guide covers the key policy. It lets Entra ID users log in to sites with work credentials.

Why Use This Setup

Users on Entra ID-joined devices get passwordless logins in Chrome. Works on Chrome 111+ without extensions. Improves security and user experience.

Requirements

Devices Entra ID joined, hybrid joined, or registered.
Enrolled in Intune.
Chrome version 111 or higher.

Step 1: Import Chrome ADMX Templates

Log in to Microsoft Intune admin center at https://intune.microsoft.com.
Go to Devices > Configuration profiles > Settings catalog.
Download Chrome ADMX/ADML files here:
- Chrome Enterprise Policy Templates
  (Official Google download link).
Extract and import ADMX/ADML files into Intune Settings Catalog.

Step 2: Create Configuration Profile

Go to Devices > Configuration > Create profile.
Select Platform: Windows 10 and later.
Choose Profile type: Templates > Administrative templates.
Enter name: “Chrome SSO Policy”. Add description.
Click Create.

Step 3: Configure Key Policy

In Configuration settings, search “Allow automatic sign-in to Microsoft cloud identity providers”.
Click the policy to configure.
Set to Enabled.
Select Enable Microsoft cloud authentication option.
This sets CloudAPAuthEnabled to 1 – the critical step.

Step 4: Assign and Deploy

Go to Assignments tab.
Assign to user or device groups.
Add exclusions if needed.
Review settings and click Create.
Policy syncs in minutes.

Step 5: Verify Setup

On target device, open Chrome.
Type chrome://policy/ in address bar.
Confirm CloudAPAuthEnabled shows value 1.
Test on office.com or teams.microsoft.com. No prompts.

Troubleshooting

Policy missing? Force device sync in Intune: Devices > Check status > Sync.
Prompts persist? Verify join type: dsregcmd /status.
Always check CloudAPAuthEnabled first – it’s the common miss.

X Facebook LinkedIn Copy Email Pinterest Reddit Telegram ChatGPT SMS

Intune | MD-102

How to Automatically Enroll Windows Devices into Intune After Removing SCCM in a Co-Managed Environment
ByTechieGeek October 22, 2025October 22, 2025

Context The user manages an environment where SCCM (Configuration Manager) and Intune are running in co-management mode. They’re preparing to remove SCCM entirely and want all devices to automatically enroll and sync with Intune — without manual intervention or touching endpoints. Key Questions from the Post The original poster (OP) is seeking clarity on three…

Read More How to Automatically Enroll Windows Devices into Intune After Removing SCCM in a Co-Managed Environment
Microsoft 365 | MS-102

MS-102 Step-by-Step Guide: Real Admin Scenarios for Entra, Intune, Purview, and Defender
ByTechieGeek December 15, 2025December 15, 2025

From Practice Questions to Real Admin Wins: Step-by-Step MS-102 Scenarios (With Exact Portal Paths and Verification) If you have ever worked through MS-102 practice questions and felt confident about the answer but not the execution, you are not alone. The exam compresses real-world admin work into short scenarios. Your job as a Microsoft 365 admin…

Read More MS-102 Step-by-Step Guide: Real Admin Scenarios for Entra, Intune, Purview, and Defender
Intune | MD-102

How to Fix Intune-Provisioned Windows Devices Blocking User Sign-In: Troubleshooting & Prevention
ByTechieGeek September 22, 2025September 22, 2025

In-Depth Guide: Fixing Intune-Provisioned Devices That Block User Sign-In When users can’t sign into Windows devices managed by Intune, work grinds to a halt. This often happens in environments using third-party identity providers or after enrollment fails. Follow these detailed steps to troubleshoot and prevent sign-in failures. 1. Identify the Root Cause Before you fix…

Read More How to Fix Intune-Provisioned Windows Devices Blocking User Sign-In: Troubleshooting & Prevention
AZ-140

Azure Virtual Desktop Authentication Explained: Control Plane vs Desktop Login and Azure AD Connect
ByTechieGeek February 15, 2026February 15, 2026

Plan AVD identities with clear guidance on Azure AD Connect, control plane vs desktop authentication, AD DS vs Azure AD DS trade-offs, and key limitations.

Read More Azure Virtual Desktop Authentication Explained: Control Plane vs Desktop Login and Azure AD Connect
Exchange 365 | Microsoft 365

Microsoft 365 Administration Guide (2025): Manage Groups, Teams, Mailboxes, Calendars, and Access
ByTechieGeek November 4, 2025November 4, 2025

Microsoft 365 Administration Guide (2025 Edition): Advanced Collaboration, Mailbox, and Access Management This detailed 2025 edition reflects the latest Microsoft 365 Admin Center and PowerShell module updates for creating and managing Microsoft 365 Groups, Teams, shared mailboxes, resources, calendars, and SharePoint/OneDrive access using modern management interfaces and updated cmdlets. 1. Create Microsoft 365 Groups &…

Read More Microsoft 365 Administration Guide (2025): Manage Groups, Teams, Mailboxes, Calendars, and Access
Microsoft 365 | MS Teams | MS-700

How to Remove Guest Access Automatically with Microsoft Entra Access Reviews
ByTechieGeek January 4, 2026January 4, 2026

Automatically Remove Guest Users from a Team When Owners Don’t Respond Step-by-step guide using Microsoft Entra Access Reviews Guest users are essential for collaboration, but they are also easy to forget. Over time, external users can remain in a Team long after a project ends. Microsoft Entra access reviews fix this by forcing periodic re-approval,…

Read More How to Remove Guest Access Automatically with Microsoft Entra Access Reviews