I have already set up Azure SSO for Jamf Pro and I'm trying to configuring Enrollment Customization -> Azure SSO with Jamf Connect Logic. The reason why I would choose this option is because I like the way the users are able to sign in just once for the whole enrollment process. Provided that I used the option "Enable Jamf Pro to pass user information to Jamf Connect Allow Jamf Pro to pass the Account Name and the Account Full Name to Jamf Connect" . When I’m using this option, I haven’t user information in jamf pro or to handle my permissions for the local admin with my specific groups via jamf connect login plist file. (like if you use the other way jamf connect login with Enrollment Customization -> Azure LDAP)
Little bit more background about my configuration. I already tested the way just with LDAP and it works fine but there I've the problem the users have two different login windows. Firstly for LDAP authentication to enroll the device and secondly to sign in with Jamf Connect Login to create the macOS user. My goal is to set up the smoothed way to offer zero-touch for my company.
Is there any chance to combine the way with LDAP information and of course the permission to be local admin?