Help

Jamf Connect login window stopped displaying at boot

Go to solution
mlemieux
New Contributor II

Posted on ‎06-06-2023 10:25 AM

Hello, I've been using Jamf Connect for a while to sync users account, but since (I believe) the upgrade to Ventura, the login screen for Jamf Connect is always skipped on reboot.

We are using Filevault, so usually I would simply run the command bellow to set the Jamf Connect login screen back in. This worked for every MacOS upgrades since Mojave.

/usr/local/bin/authchanger -reset -jamfconnect

 But since Ventura, the Jamf Connect login screen won't show up after a reboot. Even if I use the authchanger reset command. I just updated Jamf Connect to 2.24 unfortunately resulting to the same problem.
Did this happen to anyone else ? Were you able to fix it ?

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
MrBombadil
New Contributor III

‎06-07-2023 09:43 AM - edited ‎06-07-2023 09:44 AM

Check out this link to look up Login Window Settings: https://learn.jamf.com/bundle/jamf-connect-documentation-current/page/Login_Window_Preferences.html#...

 

 

You're plist/configuration profile settings for the Login Window are prob set to this:

<key>DenyLocal</key>
<false/>

 

View solution in original post

0 Kudos
9 REPLIES 9

Go to solution
MrBombadil
New Contributor III

‎06-07-2023 09:43 AM - edited ‎06-07-2023 09:44 AM

Check out this link to look up Login Window Settings: https://learn.jamf.com/bundle/jamf-connect-documentation-current/page/Login_Window_Preferences.html#...

 

 

You're plist/configuration profile settings for the Login Window are prob set to this:

<key>DenyLocal</key>
<false/>

 

0 Kudos

Go to solution
mlemieux
New Contributor II
In response to MrBombadil

Posted on ‎06-09-2023 07:10 AM

I do not have the DenyLocal property.
It is not available to add from the Jamf Pro configuration profile and it refuses to add it as a custom property. I suppose this is not used anymore. I do have this one though to allow local login if there are no internet connexion.

    <key>LocalFallback</key>
    <true/>

I'll keep trying to add DenyLocal true to see what happens. Maybe if I edit the plist manually on the computer.
Here's what I have

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
  <dict>
    <key>OIDCProvider</key>
    <string>Okta</string>
    <key>OIDCNewPassword</key>
    <false/>
    <key>OIDCUsePassthroughAuth</key>
    <true/>
    <key>OIDCRedirectURI</key>
    <string>https://127.0.0.1/jamfconnect</string>
    <key>AuthServer</key>
    <string>----------------</string>
    <key>OIDCAccessClientID</key>
    <string>----------------</string>
    <key>OIDCAdminClientID</key>
    <string>----------------</string>
    <key>CreateJamfConnectPassword</key>
    <true/>
    <key>LocalFallback</key>
    <true/>
    <key>CreateAdminUser</key>
    <true/>
    <key>DemobilizeUsers</key>
    <true/>
  </dict>
</plist>

 

0 Kudos

Go to solution
gabester
Contributor III

Posted on ‎06-07-2023 03:16 PM

I too noticed this on a few systems in the fleet... I feel like it may have gone away again after another macOS Ventura update... Sorry I don't have more specifics other than to say that you are not alone! However, posting how you've got Jamf Connect configured might help; @MrBombadil may be correct?

0 Kudos

Go to solution
mlemieux
New Contributor II

Posted on ‎06-09-2023 07:39 AM

It fixed the issue.

<key>DenyLocal</key>
<false/> 

It's just odd that this is not an available property for the built-in Jamf Connect config profil in Jamf Pro. I manually uploaded a plist file with this property only to Jamf Pro.

Capture d’écran, le 2023-06-09 à 10.35.56.png

Go to solution
MrBombadil
New Contributor III
In response to mlemieux

‎06-09-2023 02:04 PM - edited ‎06-09-2023 02:06 PM

Good to hear and I completely agree. I am just not sure why Jamf does not include all settings in the Jamf Connect Configuration GUI as it relates to the xml view.  If you switch over to the xml view you will see it there within Jamf Connect Configuration app.  

FYI: You can also run these commands to toggle the settings...

 

Removes Okta login screen:

 

 

 

sudo authchanger -reset

 

 

 

 

 

 Enables Okta login screen:

 

 

 

sudo authchanger -reset -JamfConnecthah

 

 

 

 

 

 

0 Kudos

Go to solution
iJoha
New Contributor
In response to mlemieux

Posted on ‎10-03-2023 09:35 AM

I had the same issue and I fixed it by disabling Allow Local Fallback under com.jamf.connect.login, this option is available in the built-in Jamf Connect config profile in Jamf Pro

<key>LocalFallback</key>
<false/>

Screenshot 2023-10-03 172733.pngScreenshot 2.png

 

0 Kudos

Go to solution
saeid_agheli
New Contributor III

Posted on ‎08-11-2023 01:39 PM

how we can able bypass the FileVault login screen in jamf connect and just keep Okta login for main 

0 Kudos

Go to solution
mlemieux
New Contributor II
In response to saeid_agheli

Posted on ‎08-14-2023 05:27 AM

From my understanding, that's impossible. MacOS doesn't allow Jamf to unlock FileVault through Jamf Connect. If you want to use both FileVault and Jamf Connect, you're stuck with two login screens.

Go to solution
giri
New Contributor

Posted on ‎03-07-2024 11:49 PM

Hey facing and issue with jamf connect login.

issue:- when user is not on network (for example there is no wifi) after entering the FV login page login and password, generally jamf connect page come and we can see option for 'local login', but since yesterday onwards the 'local login' icon is not showing, however mac says connection appears to be offline, your mac is not connected to network, try local login.  but i can see only shutdown,restart, refresh option available, no local login. 

Jamf connect and jamf menubar v2.32 have not changed any PLIST settings yet.

Any idea, Thanks in advance

 

 

 

0 Kudos