Help

Jamf Connect Mobileconfig files not installing

j_allenbrand1
New Contributor II

Posted on ‎08-12-2021 09:50 AM

hi, We are trying to deploy jamf connect on a test machine with an okta integration, We are using jamf connect configuration and saving but not self signing the profile. Once we try to deploy via Jamf Pro, it fails to install on the test devices. Uploading the created mobile config to Jamf Pro shows up as blank no configuration. 

 

Does anyone have any suggestions on getting jamf connect to work with okta than deploying to a computer? 

Screen Shot 2021-08-12 at 9.49.15 AM.png

Screen Shot 2021-08-12 at 9.49.31 AM.png

0 Kudos
Reply
14 REPLIES 14

mikevandelinder
Contributor
Contributor

Posted on ‎08-12-2021 10:09 AM

Hey @j_allenbrand1! I would recommend signing profiles from Configuration before uploading to Jamf Pro. Otherwise if signing isn’t something available to you (really you can sign with any sort of a certificate), it may be easier to recreate the profile within Jamf Pro’s configuration profiles interface. 

0 Kudos
Reply

j_allenbrand1
New Contributor II
In response to mikevandelinder

Posted on ‎08-12-2021 10:11 AM

@mikevandelinder  re-creating the profile would be using a plist upload vs mobileconfig? 

0 Kudos
Reply

mikevandelinder
Contributor
Contributor
In response to j_allenbrand1

Posted on ‎08-12-2021 10:36 AM

oh, yes, uploading the plist would definitely work, otherwise by going to Computers > Configuration Profiles > New > Application and Custom Settings > Jamf Applications > Add > com.jamf.connect* to create profiles for the different apps.

0 Kudos
Reply

j_allenbrand1
New Contributor II
In response to mikevandelinder

Posted on ‎08-12-2021 10:58 AM

Screen Shot 2021-08-12 at 10.56.24 AM.pngthe info from the created Plist in Jamf Connect Configuration, We want one for Login and Menubar 

would  "com.jamf.connect* be for both of them? 

or would the menubar URL be different for that one? 

0 Kudos
Reply

mikevandelinder
Contributor
Contributor
In response to j_allenbrand1

Posted on ‎08-13-2021 11:41 AM

com.jamf.connect is the domain used for the menubar application

com.jamf.connect.login is the preference domain used for the login window plugin

0 Kudos
Reply

j_allenbrand1
New Contributor II
In response to mikevandelinder

Posted on ‎08-12-2021 10:15 AM

Got any information on manually re-creating them instead?

0 Kudos
Reply

YanW
Contributor III

Posted on ‎08-12-2021 11:26 AM

Our profiles weren't signed, we uploaded both the Login and Connect .plist from Jamf Connect Configuration. The three .pkg were signed in PreStage Enrollment Packages were Jamf Connect, the LaunchAgent, and the Menubar pkg that contains icons and logos. We don't use Okta, so I can't help with that. 

Screen Shot 2021-08-12 at 2.08.01 PM.png  Screen Shot 2021-08-12 at 2.08.40 PM.png

 

0 Kudos
Reply

j_allenbrand1
New Contributor II
In response to YanW

Posted on ‎08-12-2021 01:39 PM

@YanW Where did you get the menubar package?  

Screen Shot 2021-08-12 at 1.38.50 PM.png

0 Kudos
Reply

YanW
Contributor III

Posted on ‎08-12-2021 02:59 PM

We put our Jamf Connect packages in PreStage Enrollment. 

We use Composer to customize the Menu Bar, it's just background, icons and logos.

Then we uploaded them to the PreStage Enrollment Packages, but you the they must be signed.

Screen Shot 2021-08-12 at 5.45.50 PM.png

0 Kudos
Reply

Ecco_Luke
Contributor II

Posted on ‎08-16-2021 07:33 AM

We have this exact issue as well. My understanding was that configuration profiles would be auto-signed by the JSS. I have a case with a senior Jamf engineer open and will update this with their response. In the meantime, I've expoted the plists from the JCC app and pushed those instead.

The engineer did recommend not configuring Connect via the Jamf Pro UI, as apparently it always results in a very cluttered plist as it specifies many options unless you override them.

Reply

j_allenbrand1
New Contributor II
In response to Ecco_Luke

Posted on ‎08-16-2021 09:26 AM

Thats the same as me. One question, how did you get the login screen pgk to install and run?  I am able to get jamf connect to instal and prompt and reboot, but not re-directing to the jamf connect login screen. 

 

 

0 Kudos
Reply

mikevandelinder
Contributor
Contributor
In response to j_allenbrand1

Posted on ‎08-17-2021 08:01 AM

@j_allenbrand1 you'd want to make sure that a profile configured for "com.jamf.connect.login" is deployed to the Mac prior the Connect installer running. The installer package looks for settings in that profile to determine how to configure the login window. If there's no profile, the Connect login window will not be enabled. If you're just testing, after installing the profile run the Connect installer package a second time for it to pick up on the changes.

0 Kudos
Reply

Ecco_Luke
Contributor II
In response to j_allenbrand1

Posted on ‎08-26-2021 03:52 AM

Hi @j_allenbrand1, only just clocked that your reply was addressed to me so I apologise for the delayed response.

We aren't deploying Connect via a PreStage PKG; I just deployed the Connect PKG as I would for any other app install policy and it worked. The user was directed to the Connect log-in screen at the next reboot. I have deployed it previously via a PreStage PKG, and that worked immediately - the user never saw the stock macOS log-in screen. My issue with that method, though, is that you don't get a Bootstrap Token for FileVault and OS updates for Apple Silicon Macs if you deploy an Admin account via the PreStage and the local account the user syncs with their M365 credentials via Connect is just a Standard account.

0 Kudos
Reply

Ecco_Luke
Contributor II

Posted on ‎08-26-2021 03:49 AM

Just FYI, we resolved this by ultimately just pushing out PLISTs generated from the JCCU app and adding them into a 'Custom Settings' profile payload. I actually prefer the app to the UI in Jamf Pro for configuring Connect, and think UI improvements need to be made within Pro to better match the app.

Also, the discrepancy in what gets deployed in the profiles deployed from the Jamf Pro UI vs the JCCU app needs to be addressed as absolutely no mention is made that this is the case when using the Jamf Pro UI to configure Connect.

0 Kudos
Reply