Posted on 09-05-2023 09:04 PM
Currently implementing Jamf Connect and have encountered an issue with Conditional Access. When logging in Jamf Connect displays the below error message.
"
Access has been blocked by Access policies. The access policy does not allow token issuance.
"
After speaking with our Azure Administrator, I'm being told the Mac is being picked up by a CA that prevents Unknown devices from connecting. The policy does allow Android, iOS, Windows and macOS devices to connect. We're seeing the Mac having no "Device info" under 'Activity Details: Sign-ins'.
Device ID, Browser, Operating System are all Blank.
Has anyone else seen this?
Posted on 09-06-2023 04:08 AM
are you connecting to intune at all? sounds like you need to spin up the device compliance integration with intune to provide that information. if youre currently using the legacy conditional access policy, thats been flaky a bit as of late
Posted on 09-08-2023 02:20 AM
Device Compliance is enabled and working as intended, we are still having the issue unfortunately.
Posted on 12-14-2023 06:00 AM
We seem to be running into the same issue within our org - did you happen to find a way to address this?
Posted on 12-18-2023 09:51 PM
We believe it came down to 2 changes.
1. An update to Jamf Connect 2.28.1 - [PI113084]
2. Change to Policies - Jamf Connect and Microsoft Entra ID Conditional Access - Jamf Connect Documentation 2.30.0 | Jamf