I setup Platform SSO (enclave) and it works... okay. Outlook and OneDrive both still require me to enter the email address to begin. It's better than nothing, but deeper integration to capture username prompts would be great. And, it would be ideal if we didn't need Company Portal to broker this login. Jamf Connect is already connected to Entra. So, it would be great if it can broker platform SSO, and autofill usernames in apps with the app prefixes defined in the profile.
Page 1 / 1
you can do that by deploying a configuration profile with a custom payload of Plist
refer to the below link
com.microsoft.Outlook
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>DefaultEmailAddressOrDomain</key>
<string>$EMAIL</string>
</dict>
</plist>
com.microsoft.Office
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>OfficeActivationEmailAddress</key>
<string>$EMAIL</string>
<key>OfficeAutoSignIn</key> <true/>
</dict>
</plist>As @Shyamsundar Shyamsundar said, you can prefill the email address simply enough, but the user still needs to enter their password.
PSSO hooks macOS's login screen to an IDP to handle authentication and generate tickets. As Jamf Connect is not an IDP, but rather another tool like PSSO that uses an IDP for authentication passing tickets to applications from Jamf Connect is something the individual applications must support. Microsoft clearly wants you using the Comp Portal, and until they add the ability for the Comp Portal or Office to independently accept tickets from Jamf Connect there will always be multiple authentications.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.