+4Is anyone able to get Groups working for privileges in Jamf Pro? I can add a group, search it via our Entra integration, but once its added, i still get access denied with the associated user im logging in with.
The only way SSO will work is if i manually add each user.
Jamf Support told me add the group as a standard group, matching the name 100%, which obviously still didnt work.
Before i go back to support, curious if anyone here has run into something like this?
Best answer by AJPinto
I have not used Entra SSO with Jamf, but according to Microsoft’s documentation Jamf does not support role-based login with Entra and you need to manually add the user account as you have done.
https://learn.microsoft.com/en-us/entra/identity/saas-apps/jamfprosamlconnector-tutorial
+26I have not used Entra SSO with Jamf, but according to Microsoft’s documentation Jamf does not support role-based login with Entra and you need to manually add the user account as you have done.
https://learn.microsoft.com/en-us/entra/identity/saas-apps/jamfprosamlconnector-tutorial
+13Are you referring to JAMf Account SSO, yes you won't be able to authenticate with the user who was part of the Ad group mapped under user and groups in JAMF
+4Thanks for the replies, it unfortunately aligns with what im seeing. What is the purpose of groups then if not for permissions?
+26Are you referring to JAMf Account SSO, yes you won't be able to authenticate with the user who was part of the Ad group mapped under user and groups in JAMF
I’m figuring the Jamf Support tech got confused on the functionality of the Okta SSO connector which does support what OP is wanting vs the Entra SSO Connector.
+6A while back, I worked on getting a User Group working in Jamf Pro with Entra, and it has been working great. I have a group in Jamf Pro called Jamf Admins. Then I have the same group name in Entra with two members of the group. I remember I read an article (either a Jamf or Microsoft) that took me step by step to get it setup to use SSO using a group. Now, all I do is just add members to the Jamf Admin group in Entra if I need more than myself and the Server Admin.
I have not used Entra SSO with Jamf, but according to Microsoft’s documentation Jamf does not support role-based login with Entra and you need to manually add the user account as you have done.
https://learn.microsoft.com/en-us/entra/identity/saas-apps/jamfprosamlconnector-tutorial
Thank you so much for sharing the link.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
