Posted on 04-05-2022 08:27 AM
During our zero-touch configuration we have an Enrollment Customization pane set up with SSO to pass through to JAMF Connect. Once the machine goes through enrollment, it gets to the JAMF Connect screen and asks the users to log in.
The issue is that on seemingly random machines, it just says “invalid username or password” whenever they try to log in. Even if we create a test user in Okta and try it (to eliminate any end-user errors), we are still unable to log in. If you take another Mac off the shelf and hand it to the user, it works. Even wiping the original machine with the issue doesn’t help. I’ve seen this on 2-3 machines and am working on collecting logs, but I’m just wondering if I’m missing something.
What is interesting is that after the enrollment customization page they are prompted to sign in to JAMF Connect, and it even shows them the MFA prompt. After they fulfill 2FA, it takes the user back to the normal sign-in window where they get the "invalid username and password" message. Further, if you go into JAMF, you can see that a local user account was created on the machine.
Posted on 04-06-2022 08:13 AM
Does your organization have additional IdPs, or is the authentication handled through Azure completely?
How is your MFA set up and who is the vendor?
Posted on 04-06-2022 08:19 AM
Oops, you are using Okta. I am sorry, my experience is with Azure.