Solved

Enabling FileVault (macOS Catalina) breaks Azure AD Jamf Connect

  • February 26, 2021


Hi,
I have Jamf Connect working with Azure AD, but as soon as I deploy a policy to the machines to enable FileVault and escrow the keys to the Jamf server, it breaks the Azure AD connectivity. A reboot shows the standard Mac login screen, and if I log off the user I get a broken Azure AD screen.

I've tried deploying FileVault first and then Jamf Connect, but I get the same problems.

Any ideas? Regards,

Best answer by Tribruin

5 replies

sdagley
  • Jamf Heroes
  • February 26, 2021

@robbo007 Enabling FileVault will always cause the display of the FileVault login screen on macOS Catalina since you're not booting into macOS after that, but booting into an intermediate stage where FileVault will display the accounts enabled to unlock the drive, and you have to authenticate with one of those before proceeding to boot macOS.


  • Author
  • Contributor
  • March 1, 2021

Ahh, OK, so what's the best practice for using Azure AD authentication and FileVault then? Because if I do a logout once authenticated with FileVault, I can't then authenticate with Azure, as the integration seems broken.


  • Honored Contributor
  • Answer
  • March 1, 2021

If you log out you should see the Jamf Connect Login screen. If not, something is broken with the JCL. While logged in, try going into Terminal and running /usr/local/bin/authchanger -reset -JamfConnect and see if that brings the Jamf Connect Login screen back.

If you want to ensure the user sees the JCL screen after initial boot and/or restart, make sure you set the DenyLocal setting to true in your Jamf Connect Login profile. With that the user experience will be FileVault login -> Azure Login -> Local password validation.
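The two checks behind this answer, as an added example that is not code from the thread or from Jamf: whether system.login.console still routes through Jamf Connect Login mechanisms (the thing authchanger -reset -JamfConnect repairs), and whether the Jamf Connect Login profile actually sets DenyLocal to true. It assumes Jamf Connect's authorization mechanisms carry the prefix JamfConnectLogin:, that authchanger lives at /usr/local/bin/authchanger, and that the login preference domain is com.jamf.connect.login; all plist text in the script is constructed and abbreviated for the example.

```shell
#!/bin/sh
# Added example; not code from the thread or from Jamf. It checks the two
# things the accepted answer points at: whether system.login.console still
# routes through Jamf Connect Login, and whether the Jamf Connect Login profile
# sets DenyLocal to true. Assumptions: Jamf Connect's authorization mechanisms
# carry the prefix "JamfConnectLogin:", authchanger lives at
# /usr/local/bin/authchanger, and the login preference domain is
# com.jamf.connect.login. All plist text below is constructed and abbreviated.

AUTHCHANGER=/usr/local/bin/authchanger

# Print the mechanism names from `security authorizationdb read
# system.login.console` output, one per line (the <string> entries under
# <key>mechanisms</key>, in order).
list_mechanisms() {
    printf '%s\n' "$1" | awk '
        /<key>mechanisms<\/key>/ { inmech = 1; next }
        inmech && /<\/array>/     { exit }
        inmech && /<string>/ {
            sub(/^[[:space:]]*<string>/, ""); sub(/<\/string>.*$/, ""); print
        }'
}

# Succeeds if any Jamf Connect Login mechanism is wired into the right.
has_jamf_connect_login() {
    list_mechanisms "$1" | grep -q '^JamfConnectLogin:'
}

# Succeeds if the profile plist has <key>DenyLocal</key> followed by <true/>
# on the next line (the layout `plutil -convert xml1` produces).
deny_local_enabled() {
    printf '%s\n' "$1" | awk '
        /<key>DenyLocal<\/key>/ { want = 1; next }
        want == 1 { found = ($0 ~ /<true\/>/); want = 2 }
        END { exit (found ? 0 : 1) }'
}

# Read the live right on macOS; elsewhere fall back to the text supplied.
current_login_right() {
    if [ "$(uname)" = Darwin ] && command -v security >/dev/null 2>&1; then
        security authorizationdb read system.login.console 2>/dev/null
    else
        printf '%s\n' "$1"
    fi
}

# Report which login window is active and, if Jamf Connect was knocked out,
# print the reset command from the answer. Returns 1 when a reset is needed.
check_loginwindow() {
    if has_jamf_connect_login "$1"; then
        echo "Jamf Connect Login mechanisms are present in system.login.console."
        return 0
    fi
    echo "Stock loginwindow is in use; restore Jamf Connect Login with:"
    echo "  sudo $AUTHCHANGER -reset -JamfConnect"
    return 1
}

# Constructed sample: the right after authchanger installed Jamf Connect Login.
SAMPLE_JC='<plist version="1.0"><dict>
	<key>class</key>
	<string>evaluate-mechanisms</string>
	<key>mechanisms</key>
	<array>
		<string>builtin:policy-banner</string>
		<string>JamfConnectLogin:LoginUI</string>
		<string>builtin:login-begin</string>
		<string>JamfConnectLogin:RunScript,privileged</string>
		<string>builtin:authenticate,privileged</string>
		<string>builtin:login-success</string>
		<string>loginwindow:success</string>
		<string>loginwindow:done</string>
	</array>
</dict></plist>'

# Constructed sample: the stock macOS right (what the poster saw after reboot).
SAMPLE_STOCK='<plist version="1.0"><dict>
	<key>mechanisms</key>
	<array>
		<string>builtin:policy-banner</string>
		<string>loginwindow:login</string>
		<string>builtin:login-begin</string>
		<string>builtin:authenticate,privileged</string>
		<string>loginwindow:success</string>
		<string>loginwindow:done</string>
	</array>
</dict></plist>'

# Constructed sample: a com.jamf.connect.login payload with DenyLocal set.
SAMPLE_PROFILE='<plist version="1.0"><dict>
	<key>PayloadType</key>
	<string>com.jamf.connect.login</string>
	<key>OIDCProvider</key>
	<string>Azure</string>
	<key>DenyLocal</key>
	<true/>
</dict></plist>'

# Same payload with DenyLocal at false: users can skip the IdP screen.
SAMPLE_PROFILE_WEAK=$(printf '%s\n' "$SAMPLE_PROFILE" | sed 's|<true/>|<false/>|')

check_loginwindow "$(current_login_right "$SAMPLE_STOCK")" || true
if deny_local_enabled "$SAMPLE_PROFILE"; then echo "DenyLocal is true in the sample profile."; fi
```

Reading the right needs no privilege, but the authchanger reset does, so run it with sudo. The check only covers the post-boot login window and the logout screen; as sdagley notes above, the FileVault pre-boot screen is separate and is not replaced by Jamf Connect. If you enforce DenyLocal, keep at least one local admin able to sign in without the IdP (Jamf Connect's login preferences include a DenyLocalExcluded list for this, as I understand them; treat that key name as an assumption and confirm it against the Jamf Connect documentation) so a lost Azure connection does not lock every Mac out.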


  • Author
  • Contributor
  • March 1, 2021

OK, thanks. I'll try that. Is that the best practice if you're using Jamf Connect with Azure? FileVault login -> Azure Login -> Local password validation?


  • Author
  • Contributor
  • March 1, 2021

OK, that works great. Thanks.