The latest Xink application supports Azure AD-joined machines with Azure AD login, not only on-premises AD.
There are few pre-conditions to be met:
- only joined computers are supported, not linked work accounts;
- only login email is supported as an employee id, say if a person logs on as email@example.com, then the employee with email "firstname.lastname@example.org" must exist in Xink.
How to install
1. ) Open Preferences in Xink web admin, select "Download" tab. Download IT: Download Xink Client (.MSI Package).
2. ) Generate Domain Authentication token, if you haven't created one before. Or just copy existing token using copy icon.
Please note that the token is much longer than what is shown on the screen, using copy icon is essential.
3. ) Install or deploy XinkClientSetupAD.msi and apply the Xink Token ID to your end user's computer using any software deployment tool.
The only requirement to make things work is by making sure Xink Client is installed and Xink Token ID is applied in the computer's registry.
Registry location: HKLM:\SOFTWARE\Policies\Xink\Xink Client AD\ADConfig
If you are using SCCM, you may deploy your package and write the registry keys without having to apply the template through GPO. Please refer to this KB.
Lastly please ensure to reboot the target PCs.
For Intune, we followed the following howto from Microsoft :
Please make sure to include add XinkClientSetupAD.msi(Step 1 above) and the DomainAuthToken described in the (step 2 above)
Add the target group in your Azure AD and wait for few hours.
Now confirm the Xink client is successfully installed on Hybrid-Domain joined device or Azure AD joined devices (It should appear on 'programs and features' as 'Xink AD Client')
And to confirm that DomainAuthToken is deployed correctly the target device should have this registry entry.
The ‘emsclient.exe’ is executed next time the user logs in :
And signatures get updated and copied to Signatures folder inside user’s profile.