Posted on 06-06-2023 10:25 AM
Hello, I've been using Jamf Connect for a while to sync users account, but since (I believe) the upgrade to Ventura, the login screen for Jamf Connect is always skipped on reboot.
We are using Filevault, so usually I would simply run the command bellow to set the Jamf Connect login screen back in. This worked for every MacOS upgrades since Mojave.
/usr/local/bin/authchanger -reset -jamfconnect
But since Ventura, the Jamf Connect login screen won't show up after a reboot. Even if I use the authchanger reset command. I just updated Jamf Connect to 2.24 unfortunately resulting to the same problem.
Did this happen to anyone else ? Were you able to fix it ?
Solved! Go to Solution.
06-07-2023 09:43 AM - edited 06-07-2023 09:44 AM
Check out this link to look up Login Window Settings: https://learn.jamf.com/bundle/jamf-connect-documentation-current/page/Login_Window_Preferences.html#...
You're plist/configuration profile settings for the Login Window are prob set to this:
<key>DenyLocal</key> <false/>
06-07-2023 09:43 AM - edited 06-07-2023 09:44 AM
Check out this link to look up Login Window Settings: https://learn.jamf.com/bundle/jamf-connect-documentation-current/page/Login_Window_Preferences.html#...
You're plist/configuration profile settings for the Login Window are prob set to this:
<key>DenyLocal</key> <false/>
Posted on 06-09-2023 07:10 AM
I do not have the DenyLocal property.
It is not available to add from the Jamf Pro configuration profile and it refuses to add it as a custom property. I suppose this is not used anymore. I do have this one though to allow local login if there are no internet connexion.
<key>LocalFallback</key> <true/>
I'll keep trying to add DenyLocal true to see what happens. Maybe if I edit the plist manually on the computer.
Here's what I have
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>OIDCProvider</key> <string>Okta</string> <key>OIDCNewPassword</key> <false/> <key>OIDCUsePassthroughAuth</key> <true/> <key>OIDCRedirectURI</key> <string>https://127.0.0.1/jamfconnect</string> <key>AuthServer</key> <string>----------------</string> <key>OIDCAccessClientID</key> <string>----------------</string> <key>OIDCAdminClientID</key> <string>----------------</string> <key>CreateJamfConnectPassword</key> <true/> <key>LocalFallback</key> <true/> <key>CreateAdminUser</key> <true/> <key>DemobilizeUsers</key> <true/> </dict> </plist>
Posted on 06-07-2023 03:16 PM
I too noticed this on a few systems in the fleet... I feel like it may have gone away again after another macOS Ventura update... Sorry I don't have more specifics other than to say that you are not alone! However, posting how you've got Jamf Connect configured might help; @MrBombadil may be correct?
Posted on 06-09-2023 07:39 AM
It fixed the issue.
<key>DenyLocal</key> <false/>
It's just odd that this is not an available property for the built-in Jamf Connect config profil in Jamf Pro. I manually uploaded a plist file with this property only to Jamf Pro.
06-09-2023 02:04 PM - edited 06-09-2023 02:06 PM
Good to hear and I completely agree. I am just not sure why Jamf does not include all settings in the Jamf Connect Configuration GUI as it relates to the xml view. If you switch over to the xml view you will see it there within Jamf Connect Configuration app.
FYI: You can also run these commands to toggle the settings...
Removes Okta login screen:
sudo authchanger -reset
Enables Okta login screen:
sudo authchanger -reset -JamfConnecthah
Posted on 10-03-2023 09:35 AM
I had the same issue and I fixed it by disabling Allow Local Fallback under com.jamf.connect.login, this option is available in the built-in Jamf Connect config profile in Jamf Pro
<key>LocalFallback</key>
<false/>
Posted on 08-11-2023 01:39 PM
how we can able bypass the FileVault login screen in jamf connect and just keep Okta login for main
Posted on 08-14-2023 05:27 AM
From my understanding, that's impossible. MacOS doesn't allow Jamf to unlock FileVault through Jamf Connect. If you want to use both FileVault and Jamf Connect, you're stuck with two login screens.
Posted on 03-07-2024 11:49 PM
Hey facing and issue with jamf connect login.
issue:- when user is not on network (for example there is no wifi) after entering the FV login page login and password, generally jamf connect page come and we can see option for 'local login', but since yesterday onwards the 'local login' icon is not showing, however mac says connection appears to be offline, your mac is not connected to network, try local login. but i can see only shutdown,restart, refresh option available, no local login.
Jamf connect and jamf menubar v2.32 have not changed any PLIST settings yet.
Any idea, Thanks in advance