Help

Jamf Connect Azure AD

aburrow007
New Contributor II

Posted on ‎09-05-2023 09:04 PM

Currently implementing Jamf Connect and have encountered an issue with Conditional Access.  When logging in Jamf Connect displays the below error message.

"

Access has been blocked by Access policies.  The access policy does not allow token issuance.

"

After speaking with our Azure Administrator, I'm being told the Mac is being picked up by a CA that prevents Unknown devices from connecting.  The policy does allow Android, iOS, Windows and macOS devices to connect.  We're seeing the Mac having no "Device info" under 'Activity Details: Sign-ins'.

Device ID, Browser, Operating System are all Blank.

Has anyone else seen this?

0 Kudos
Reply
4 REPLIES 4

danlaw777
Contributor III

Posted on ‎09-06-2023 04:08 AM

are you connecting to intune at all? sounds like you need to spin up the device compliance integration with intune to provide that information. if youre currently using the legacy conditional access policy, thats been flaky a bit as of late device compl.png

0 Kudos
Reply

aburrow007
New Contributor II
In response to danlaw777

Posted on ‎09-08-2023 02:20 AM

Device Compliance is enabled and working as intended, we are still having the issue unfortunately.

0 Kudos
Reply

alexac
New Contributor

Posted on ‎12-14-2023 06:00 AM

We seem to be running into the same issue within our org - did you happen to find a way to address this?

0 Kudos
Reply

aburrow007
New Contributor II
In response to alexac

Posted on ‎12-18-2023 09:51 PM

We believe it came down to 2 changes.

1. An update to Jamf Connect 2.28.1 - [PI113084]

2. Change to Policies - Jamf Connect and Microsoft Entra ID Conditional Access - Jamf Connect Documentation 2.30.0 | Jamf

0 Kudos
Reply