Skip to main content

Hi All,

Been using Jamf School for a while now with AD binding, this is really slowing down the log in time so have switched to Jamf connect with Azure AD, I've followed the training videos and done some googling, and have managed to get it to work but not ideally how I want the experience.

Currently user is greeted with a Microsoft log in, put details in, then it wants to create a local account password, and possibly creates a local account.

Would like microsoft log in then it just goes straight to the desktop, no local account, almost want the same experience that AD binding gave but authenticate with microsoft account.

In Jamf connect config under authentication I have ticked Always require network authentication, but this has made no difference.

Is this possible, am I not understanding the mechanics?

Any ideas, suggestions, help is very much appreciated.

Hello,

 

  To have users only have to enter their password once, we use the OIDCUsePassthroughAuth key. In your com.jamf.connect.login plist configuration file or the configurator app:

 

<key>OIDCUsePassthroughAuth</key> <true/>

 

 

As for the "Account Creation" button, I believe this can be resolved with:

 

<key>CreateJamfConnectPassword</key> <true/> <key>OIDCNewPassword</key> <false/>

 

 

I would do some more testing with the above key.

Thank you for this, will give it a go.

Hello,

 

  To have users only have to enter their password once, we use the OIDCUsePassthroughAuth key. In your com.jamf.connect.login plist configuration file or the configurator app:

 

<key>OIDCUsePassthroughAuth</key> <true/>

 

 

As for the "Account Creation" button, I believe this can be resolved with:

 

<key>CreateJamfConnectPassword</key> <true/> <key>OIDCNewPassword</key> <false/>

 

 

I would do some more testing with the above key.


I have been looking for weeks for this OIDCUsePassthroughAuth trick to stop users from having to enter their password again after the Azure SSO screen. Thanks for sharing, Andrew!

Terms & ConditionsCookie settingsAccessibility statement