Skip to main content
Question

Log in experience

  • September 29, 2022
  • 3 replies
  • 9 views
M
Forum|alt.badge.img+3

Hi All,

Been using Jamf School for a while now with AD binding, this is really slowing down the log in time so have switched to Jamf connect with Azure AD, I've followed the training videos and done some googling, and have managed to get it to work but not ideally how I want the experience.

Currently user is greeted with a Microsoft log in, put details in, then it wants to create a local account password, and possibly creates a local account.

Would like microsoft log in then it just goes straight to the desktop, no local account, almost want the same experience that AD binding gave but authenticate with microsoft account.

In Jamf connect config under authentication I have ticked Always require network authentication, but this has made no difference.

Is this possible, am I not understanding the mechanics?

Any ideas, suggestions, help is very much appreciated.

    3 replies

    A
    Forum|alt.badge.img+8
    • Andrew_Kuntz1
    • Contributor
    • 28 replies
    • October 11, 2022

    Hello,

     

      To have users only have to enter their password once, we use the OIDCUsePassthroughAuth key. In your com.jamf.connect.login plist configuration file or the configurator app:

     

    <key>OIDCUsePassthroughAuth</key> <true/>

     

     

    As for the "Account Creation" button, I believe this can be resolved with:

     

    <key>CreateJamfConnectPassword</key> <true/> <key>OIDCNewPassword</key> <false/>

     

     

    I would do some more testing with the above key.

    M
    Forum|alt.badge.img+3
    • MarkDixon
    • Author
    • New Contributor
    • 7 replies
    • October 11, 2022

    Thank you for this, will give it a go.

    S
    Forum|alt.badge.img+6
    • SKizale
    • Contributor
    • 11 replies
    • October 11, 2022

    Hello,

     

      To have users only have to enter their password once, we use the OIDCUsePassthroughAuth key. In your com.jamf.connect.login plist configuration file or the configurator app:

     

    <key>OIDCUsePassthroughAuth</key> <true/>

     

     

    As for the "Account Creation" button, I believe this can be resolved with:

     

    <key>CreateJamfConnectPassword</key> <true/> <key>OIDCNewPassword</key> <false/>

     

     

    I would do some more testing with the above key.


    I have been looking for weeks for this OIDCUsePassthroughAuth trick to stop users from having to enter their password again after the Azure SSO screen. Thanks for sharing, Andrew!


    Terms & ConditionsCookie settingsAccessibility statement