Jamf Connect Login for Azure no username or password field

friveraLC
New Contributor III

Is anyone else having an inconsistent experience with the Azure login window? In 8 out of 10 scenarios when I get to the Azure login screen using Jamf Connect Login, there are no username and password fields. I hit refresh or reboot the computer and doesn't come up. I've also reset the login mechanism and reinstalled the latest 1.2.0 version of Jamf Connect Login and get the same behavior. The only way to log in, is with the "Local Auth" button.

1 ACCEPTED SOLUTION

sam
New Contributor III
New Contributor III

As noted above, we did release an update yesterday that addresses this issue. I apologize for the late notice on this thread, but did want to close the loop from our updates. A notification should have come out to all current Jamf Connect customers. If you did not receive this notification or are still seeing any issues with this release, please be sure to reach out to support or your Jamf rep. Thank you for all your feedback and help during this process!

View solution in original post

32 REPLIES 32

OGClayton
New Contributor III
New Contributor III

There has been a change to the JavaScript that Azure Ad presents.. the Jamf Connect team are working on a fix. Hopefully the fix will be released tomorrow.

Cayde-6
Release Candidate Programs Tester

Yep same issue with me and I was meant to demo this to a senior colleague tomorrow lol

sam
New Contributor III
New Contributor III

We at Jamf acknowledge this issue. We sincerely apologize for any inconvenience this has caused. Recently, Microsoft updated its sign-in page for Azure applications. We use this same page for authentication between Jamf Connect and Azure.  Due to this change, the html does not render as it should which is causing the sign-in window to display incorrectly during authentication. We are working around the clock to fix this as quickly as possible and will inform you as soon as a fix is available. In the meantime, local authentication and other identity providers integrated with Jamf Connect are not experiencing this issue.
 
We will update this thread as progress is made.  If you have any questions or would like to speak with someone, please reach out to our support team or your Jamf representative.

sam
New Contributor III
New Contributor III

Update: Our engineering team has been working on a fix that we believe resolves the outstanding issue. We are currently testing this in some environments and running requisite quality assurance. If no issues are found, we have a path to delivery tomorrow during US business hours. This is subject to change as we progress through the testing process. Thank you for all of your patience, help and feedback during this process.

sam
New Contributor III
New Contributor III

Update 2: Once again, thank you all for your patience while we get through this issue. Our team has been working closely with customers with a proposed fix to this issue. This has resulted in a few builds of the product in order to stabilize the login display for Azure.

At this time, we believe to have a working fix and are distributing to all customers who have submitted a support case. We will gain validation through the rest of today and plan for an official release tomorrow (granted proper validation).

If you are currently experiencing this issue and wish to receive this build prior to a general release, please contact our support team.

rbottiglieri
New Contributor

Is this still on schedule to be released today? I'm trying to test with Azure AD, and I'm getting the same behavior at the logon screen.

Thanks.

Rich

MatG
Contributor III

I tested the beta...hmmmm. Hope there is more to come as I repeatedly get stuck. On first use its not creating an account locally.

If I do Local Auth and then click Cancel it goes back to the broken login window.

ThijsX
Valued Contributor
Valued Contributor

Same here. PI-006900

Duff2481
New Contributor II

Do we have a resolution to AzureAD login page resolving properly now?

Cayde-6
Release Candidate Programs Tester

Yep, latest PKG now shows the correct screen.

but I cannot get past that screen now lol constantly thrown back to the enter email field

mlawniczak
New Contributor III

We tested the beta yesterday and then loaded the 1.2.1 update after it came out. Testing this morning and we are able to sign in using Azure AD on a new machine where the 1.1.1 Jamf Connect Login .pkg is being installed via pre-enrollment, behavior is as expected so far. Make sure you have updated your software and try it out.

https://www.jamf.com/jamf-nation/discussions/31603/jamf-connect-1-2-1-general-availability

KyleEricson
Valued Contributor II

@mlawniczak Can you test the same workflow with Jamf Connect Login with all network connections disable and see if local auth works?

Read My Blog: https://www.ericsontech.com

sam
New Contributor III
New Contributor III

As noted above, we did release an update yesterday that addresses this issue. I apologize for the late notice on this thread, but did want to close the loop from our updates. A notification should have come out to all current Jamf Connect customers. If you did not receive this notification or are still seeing any issues with this release, please be sure to reach out to support or your Jamf rep. Thank you for all your feedback and help during this process!

mlawniczak
New Contributor III

Hey @kerickson When attempting to boot the system without a connection to Azure the machine does not come up with any kind of login windows, it just hangs. As soon as you plug the computer in to the network and it recognizes the connection it stops hanging and finishes loading. I did report this through my support ticket already, so they are aware.

KyleEricson
Valued Contributor II

@mlawniczak Thanks for testing that.

Read My Blog: https://www.ericsontech.com

KyleEricson
Valued Contributor II

@sam I have the newest version and as @mlawniczak stated there is a major issue with Jamf Connect Login when the computer has no network connection.

See screenshots below comparing how the old workflow worked.

Old Jamf Connect AzureAD device with no network connection
9afb53dc32b2439bb04e46439f04f5ae

New Jamf Connect AzureAD device with no network connection
9ac17ea3fb7145fca48e254819cb5274

I have a ticket opened already, but this is a major issue and needs to be fixed.
A user will run into this issue when they are on an Airplane or a location with no network and they will not be able to log in.

Read My Blog: https://www.ericsontech.com

sam
New Contributor III
New Contributor III

@mlawniczak @kericson Completely understand. Thank you for bringing this up. I will ensure this is in front of the team.

Cayde-6
Release Candidate Programs Tester

@sam

I still cannot get in, it constantly get taking back to the SAML page asking for the email address. All I can see in Azure are sign in error codes 650056, googling that error code doesn't bring up anything useful

Steven_Xu
Contributor
Contributor

@Cayde-6 +1 When I input the correct password, it goes back to the enter email page, if I input the incorrect password, it shows me the password is incorrect.
I have a 2FA enabled account, I entered the account email address, password, it ask for the authentication code, everything works fine so far, but it keeps asking for the code again and again.

this is the debug log.44a2105efa6f4e2e85cd326229eb6019

Cayde-6
Release Candidate Programs Tester

@Steven.Xu

Yep I get the same things in the log but 2FA is turned off for my dev tenant

Cayde-6
Release Candidate Programs Tester

Looks like others are affected with the "ADAL deny login because unsupported behavior" error in the logs

Cayde-6
Release Candidate Programs Tester

PI-006920 had been raised for this issue

josh_wisenbaker
New Contributor III
New Contributor III

We are working on these issues now for the next release.

In that release:
1. The ADAL Error has been enhanced to surface the underlaying error.
2. When opening with no internet access the login window will automatically load the local login screen and log that it has done so.

Cayde-6
Release Candidate Programs Tester

@josh.wisenbaker

How long are the release cycles? At the moment I cannot use jamf connect due to the ADAL errors

MatG
Contributor III

@josh.wisenbaker When will we see PingID support?

KyleEricson
Valued Contributor II

@josh.wisenbaker Was anyone going to tell us that you released a new version today? I never got an email or anything on Jamf nation. Very frustrating for my client who needs this fixed ASAP. So far in my early testing, the new version of Jamf Connect Login 1.1.2 seems to fix the issue of no login screen without a network connection.

Read My Blog: https://www.ericsontech.com

josh_wisenbaker
New Contributor III
New Contributor III
How long are the release cycles? At the moment I cannot use jamf connect due to the ADAL errors

There really isn't a release cycle that is set in stone for Connect other than the code is complete and tested. In the case of a hot fixes like Azure we will release as soon as we have confidence that the issues are solved.

Was anyone going to tell us that you released a new version today? I never got an email or anything on Jamf nation. Very frustrating for my client who needs this fixed ASAP. So far in my early testing, the new version of Jamf Connect Login 1.1.2 seems to fix the issue of no login screen without a network connection.

As you found we released a hot fix for the offline and logging issues. One of my personal goals here at Jamf is to complete the work I started at Orchard & Grove when it comes to a release pipeline so that people find out far more quickly when things change. The current process can be frustrating, but we are working to improve it.

As an open-ended question, what sort of updates would people like? Email? A Slack release channel on MacAdmins? Just Jamf Nation updates? All of them?

Thanks,
Josh

KyleEricson
Valued Contributor II

@josh.wisenbaker Thanks for the response might be overkill, but all of the communication platforms you mentioned would be nice to see this posted on.

Read My Blog: https://www.ericsontech.com

mlawniczak
New Contributor III

Same as @kerickson here, we are now able to access the systems when offline with the new software update.

Steven_Xu
Contributor
Contributor

I installed the Jamf Connect 1.1.2 but it still does not working at the beginning, same issue, it keeps sending me back to the email enter page or asking the code.

I checked the user's applications in Azure, I found there are two JCL applications. the first time I tried the JCL, and it works good. then Microsoft changed something in Azure, that caused my JCL stop working, I thought maybe something wrong in JCL application in Azure, so I deleted it and created a new JCL application. BUT I never thought the Microsoft didn't delete it thoroughly, there are still residual records within the users or the groups.

After I deleted the old and new JCL applications under the users records, and re-add the user and re-assign the role in the JCL application, the JCL works!

So, If you deleted the JCL and recreated it, please make sure the old JCL was completely deleted, Microsoft is not smart enough.

Cayde-6
Release Candidate Programs Tester

@Steven.Xu

Permission in Azure, you need to grant it admin consent

Steven_Xu
Contributor
Contributor

@Cayde-6 the permission is already granted but no lucky, delete the old JCL helped. is that the new step in JCL registration? I saw my JCL application already has the User.Read permission.