Jamf Connect 1.0.0 has shipped!

kaylee_carlson
Contributor
Contributor

Good afternoon Jamf Nation,

We’re excited to launch Jamf Connect Login 1.0.0, now integrated with Azure Active Directory and Jamf Connect Verify 1.0.0. Details about the release are below.

Please let me know if you have any questions or concerns about this release!

Kaylee

Login Admin Guide with Release Notes
Verify Admin Guide with Release Notes
KB Article for Deploying Jamf Connect
KB Article for Jamf Connect Verify Preference Keys
KB Article for Using authchanger with Jamf Connect
KB Article for Integrating Open ID Connect with Jamf Connect
Azure Integration Press Release

16 REPLIES 16

scottb
Honored Contributor

Thank you!

afzanjamalgt
New Contributor II

I'm sure I'm not the only one wondering:

What is Verify? Where is Nomad Pro/Jamf Connect Sync?

zachary_fisher
New Contributor III

Verify is for Azure. Jamf Connect Sync is specific to Okta but doesn't include as many new features as Azure (Verify) and Login at the present time.

josh_wisenbaker
New Contributor III
New Contributor III

We are working on the updates for Jamf Connect Sync, but are running it through some more testing currently. Since many people already have NoMAD Pro installed we are being very careful with the upgrade workflows.

As we get closer to release we will have beta releases and more info available.

Hang in there, we haven't forgotten about you.

Captainamerica
Contributor II

Great news. Will there be released some online product walkthrough or webinar of this new product as seeing something often is better then reading :)

We are not running LDAP, will information from Azure be able to be uploaded to Jamf with AD preference settings like full name, email, phone number location etc ?

lockwojo
New Contributor III

Jamf Connect is a welcome addition. However it would increase its usefulness massively if it was not limited to just Active Directory and Azure (AD).

Active Directory was already reasonably well supported by Apple's built-in AD client, OpenDirectory is also of course well supported by Apple's built-in OD client. Other LDAP servers are effectively not supported at all.

Yes one can manually define field mapping for other LDAP servers but not the use of the word manually. Trying to use say FreeIPA is pretty much a lost cause, OpenLDAP is not much better despite the fact it is a lot better known and OpenDirectory is based on it.

One of the major issues is the inability to get password reset requests to work at the login screen stage.

If Jamf Connect stepped up to the plate and provided seamless connectivity to other LDAP services especially in our case FreeIPA then I would go for it in a flash.

Note: I did manage manually to get a Mac to talk to FreeIPA and even for the creation and use of Mobile accounts but the one thing I could not get working was login screen password reset requests - changing the password ones self via System Preferences did work. Changing the password via System Preferences worked via a Kerberos connection but password reset requirement at the login screen happen before the login is complete and hence you have no Kerberos ticket at that point. With FreeIPA and OpenLDAP having no equivalent of Apple's Password Server you are stuck.

rastogisagar123
Contributor II

@kaylee.carlson seems you havent mentioned properly in documentation that Jamf Verify is for Azure AD

Sagar Rastogi

slinxy
New Contributor II

Hi, any chance of a trial of this product? still deciding on which route to take in terms of Apple Enterprise Connect or JAMF Connect.

Thanks

jonathanwilson
New Contributor II

My org has local Active Directory - can we use it with that? I'm not seeing an obvious answer, but would love to explore if it's possible.

jorrig
New Contributor III

@jonathanwilson You can use the open source version NoMAD Login, that is what Jamf told me when asking. I also just like you, have a local AD and I am using NoMAD Open Source found here: https://nomad.menu/support

Jamf Connect I was told is for OKTA/Azure and soon if not already for Google Secure LDAP, anyone can correct me if I am wrong!

vanschip-gerard
Contributor

Funny I ended up here via ADPassmon, then Nomad and then Jamf Connect. Been emailing with support as we struggled with AD and certificates but from the surface it seems this product can smoothen the whole AD integration.

I see it does AD Azure, does that mean not regular AD?

josh_wisenbaker
New Contributor III
New Contributor III

For local AD infrastructures NoMAD remains as the best solution for casual binding to local AD.
The Jamf Connect products use cloud IdP solutions for authentication.

We realize that a lot of folks still have local AD resources they would like to access still with local Kerberos. Jamf Connect Verify, NoMAD Pro, and the upcoming Jamf Connect Sync all allow you to authenticate to your IdP and then also retrieve local Kerberos tickets from on-prem AD.

In a nutshell:
- If you only have on-prem AD, use NoMAD solutions.
- If you only have an IdP, use Jamf Connect solutions.
- If you have IdP as your authentication source and local AD resources, use Jamf Connect solutions.

I hope this helps clear things up a bit.

wex98x
New Contributor

I'm having issues with the Okta authchanger with Jamf Connect Login. When enabled, after reboot/logout/login it just hangs with a spinning gear. The plist file has authserver set to our okta URL. Is there a step I am missing?

slinxy
New Contributor II

Hi, does anyone know how to remove it from a computer? I've stupidly installed it on my own machine but don't have time to have a look at it at the moment.

Thanks

josh_wisenbaker
New Contributor III
New Contributor III

You can run

sudo authchanger -reset

to go back to the factory login settings.

KyleEricson
Valued Contributor II

@josh.wisenbaker if you only have AzureAD do you use Jamf Sync or Jamf Verify. If you use Jamf Verify should you get Kerberos ticket or not. If so how do you se that up with AzureAD?

Read My Blog: https://www.ericsontech.com