Help

Jamf Connect+Azure AD

jp2019
New Contributor III

Posted on ‎04-08-2021 07:27 PM

Hi all, We are trying to implement Jamf Pro+Jamf Connect+Azure AD. Is anyone using 802.1X User-based authentication network? We are using Jamf Connect with Azure AD as our Idp. I am unable to login at the Microsoft Sign-in window with our 802.1x user-based SSID. Can anyone share how they are using Jamf Connect and Azure AD? Does anyone have this setup, if so, how have you navigated this issue? We do not want "Local login" to be the option when on campus.
Thanks in advance.

Labels:
0 Kudos
Reply
5 REPLIES 5

snowfox
Contributor III

Posted on ‎04-26-2021 07:23 AM

Hi, I have the same setup and have just discovered the same problem. It looks like the Jamf Connect login screen can't handle the certificate prompt from an 802.1x wif-fi network. I get 'invalid password' when I try to sign in using my wi-fi credentials and no certificate prompt, yet it works when connecting from the desktop. Not sure how to resolve this at this time. Especially if it's a Jamf Connect shortcoming.

0 Kudos
Reply

Hobbs155
Contributor

Posted on ‎04-26-2021 05:16 PM

We have the same issue with 802.1x, from what we have seen you need to setup SCEP, i believe it may be in the jamf connect documentation on the requirement to allow users to log in at the login window.

Reply

djrich29
New Contributor III

Posted on ‎04-26-2021 06:54 PM

We are also getting ready to deploy Jamf Connect+Azure and I had the same issue with wireless connection and what I ended up doing was setting up ADCS connector for device certificate authentication. Now I have the Mac auto joining the corporate WiFi with the Jamf Connect Login window enabled and there's no certificate prompt at all, the devices get the certificate via config profile. Not sure if device certificate is an option for you but might be worth looking into.

Reply

Jason33
Contributor III

Posted on ‎04-28-2021 03:40 AM

I will need to look into this further before my company returns to the offices in July, but for now, I just enabled local authentication log in by default. That allows the user to log in with the local account, whether there is a network available or not.

0 Kudos
Reply

snowfox
Contributor III

Posted on ‎04-28-2021 04:47 AM

Thanks all for the input. I found this in the Jamf Connect Admin guide.

4c5780cb4d2d4c33906499bb7efb5b25

Reply