
I have one user who cannot log in through the LDAPS login at initial setup. No other user has this issue. Their username can be queried through the LDAPS search test and each field populates correctly. They have no issues with other platforms that use LDAPS. I have changed their password and it has made no difference. Are there restrictions that can be placed on a user that I am missing?

There is nothing in Jamf that would cause this; maybe the user is missing an AD Group or something. I suggest having your IAM account review the user's account.

 

It is possible there is a Conditional Access policy preventing your user from authenticating or something like that. Without knowing more about your setup it's really hard to speculate further.


@StoopsE When you changed the user’s password did you set it to a “permanent” password, or one that is in the “Must change on next use” state? If the latter, you cannot authenticate the user via LDAP and you’ll need to set a “permanent” password for them.


@sdagley The account’s password was changed with a permanent password and it still wouldn’t authenticate. Later the user changed their password themself.


@StoopsE So much for that theory then. I’m afraid I’m out of ideas as that’s the only cause I’ve seen consistently for Mac users to fail LDAP auth with Jamf Pro.


@sdagley It was a lot easier than I thought. They have a JAMF system account that they never logged into. Resetting the password there allowed them to enroll the device.