Jamf connect not working correct?

salon09
New Contributor

I'm currently testing out a Jamf Now (Fundamentals) deployment for a couple of Macs we have. I haven't used Jamf before so not too sure how Jamf Connect should work, but have a feeling mine's not correct.

I have set up the setting "Enable password sync with Jamf Connect" and done the setup in Azure for it. When a user first logs on it asks to type in both passwords (Microsoft & then local password) so it could sync.

Then we changed the password in Microsoft to see if it worked, but on the MacBook we have to log in with the old local password and then in Jamf Connect enter the email and the new Microsoft password, and it says they are out of sync and to input the local password.

I assume this should be a bit easier, as it's not exactly syncing the passwords currently?

2 REPLIES

AJPinto
Honored Contributor II

The gist of things seems about right. JAMF Connect is a tool to facilitate the syncing of IDP passwords with macOS local accounts. If the passwords are ever out of sync, the user needs to enter the current password into JAMF Connect to sync things up again.

  • When a password is changed on the IDP, macOS has no idea it was done nor does macOS really care.
  • JAMF Connect will be asked to provide a new password as what it has cached does not match what the IDP has.
    • This is no different than needing to update Outlook's cached password after you change your LAN password.
  • When you provide the new password to JAMF Connect it will update the password for the local account on macOS (if configured to do so).

If you change the user's password on the IDP, JAMF Connect still needs to have the new password given to it, then JAMF Connect will sync things up. This is more streamlined if the user initiates the password change from JAMF Connect as the syncing will happen automatically.

Danolman
New Contributor III

Did you configure com.jamf.connect? This should identify when you changed your pw in Azure and attempt to sync every 60 minutes (default). If it finds pw's out of sync, you'll be prompted to enter your old pw which will sync with your new IDP pw. If you only configured com.jamf.connect.login, the 60 minute check won't occur.

https://docs.jamf.com/jamf-connect/2.17.0/documentation/Password_Syncing_with_Jamf_Connect.html

  • If a network account password is changed without Jamf Connect (e.g., your organization's IdP web page for password changes), the previously used network password will remain the local password until Jamf Connect checks in (by default every 60 minutes) and prompts the user to update their password.