Jamf Connect+Azure AD

jp2019
New Contributor III

Hi all, We are trying to implement Jamf Pro+Jamf Connect+Azure AD. Is anyone using 802.1X User-based authentication network? We are using Jamf Connect with Azure AD as our Idp. I am unable to login at the Microsoft Sign-in window with our 802.1x user-based SSID. Can anyone share how they are using Jamf Connect and Azure AD? Does anyone have this setup, if so, how have you navigated this issue? We do not want "Local login" to be the option when on campus.
Thanks in advance.

5 REPLIES 5

snowfox
Contributor II

Hi, I have the same setup and have just discovered the same problem. It looks like the Jamf Connect login screen can't handle the certificate prompt from an 802.1x wif-fi network. I get 'invalid password' when I try to sign in using my wi-fi credentials and no certificate prompt, yet it works when connecting from the desktop. Not sure how to resolve this at this time. Especially if it's a Jamf Connect shortcoming.

Hobbs155
Contributor

We have the same issue with 802.1x, from what we have seen you need to setup SCEP, i believe it may be in the jamf connect documentation on the requirement to allow users to log in at the login window.

djrich29
New Contributor III

We are also getting ready to deploy Jamf Connect+Azure and I had the same issue with wireless connection and what I ended up doing was setting up ADCS connector for device certificate authentication. Now I have the Mac auto joining the corporate WiFi with the Jamf Connect Login window enabled and there's no certificate prompt at all, the devices get the certificate via config profile. Not sure if device certificate is an option for you but might be worth looking into.

Jason33
Contributor II

I will need to look into this further before my company returns to the offices in July, but for now, I just enabled local authentication log in by default. That allows the user to log in with the local account, whether there is a network available or not.

snowfox
Contributor II

Thanks all for the input. I found this in the Jamf Connect Admin guide.

4c5780cb4d2d4c33906499bb7efb5b25