Posted on 07-23-2024 03:35 AM
Hello,
We had a question from a customer evaluating Jamf Connect Login, if it can work with on premises AD (they have a hybrid environment). Essentially, they would like to mimic NoMAD and NoLOAD behavior (local account, remaining days of password appearance, native macOS login screen).
I am aware that JCL works only with Entra.
Best regards
K
Posted on 07-23-2024 05:18 AM
Jamf Connect works with modern IDPs such as Entra, Okta, and Google Identity. Jamf Connect does not work with legacy identity providers such as On Prem AD.
Jamf Connect can be used with Entra, and you can have the Microsoft Entra Connect setup with your AD instance to sync Entra with AD and have AD as your principal identity management tool. However, to answer your question: no, Jamf Connect will not work directly with AD.
Posted on 07-23-2024 06:53 AM
You probably want to check into Kerberos SSO. It's specifically designed to work with an on-prem AD and not Entra. It's native to Apple and part of the OS (used to be Enterprise Connect).
Posted on 07-23-2024 09:06 AM
Thank you both,
@easyedc I am aware of that, but it requires an MDM-connected device, they (still) don't have an MDM solution, they just wanted to use the JCL.
Best regards
K
Posted on 07-23-2024 10:26 AM
The 1st thing you want to get is an MDM, all the other stuff comes after. Without an MDM you have no way to deploy Jamf Connect, or its Configuration Profiles (the license key needs to be updated annually so manually loading with Apple Configurator won't work).
Posted on 07-23-2024 10:36 AM
How do they intend to touch every system to install it without an MDM? The config profile would be able to be manually installed just like the software.