Help

Jamf Connect with Okta - Auto-sync newly changed password

AndrewWilliamso
New Contributor III

yesterday

I am about to deploy Jamf Connect to my org, with Okta as our IdP. We are replacing JumpCloud as our previous LDAP and IdP.

 

With Jumpcloud when users reset their password using the Jumpcloud desktop app, Users would set their new password in the desktop app, and that new password was automatically and instantly working as their local password. The user was NOT prompted to sync their cloud/network password to their local password a an extra step. 

 

With Jamf Connect however, after changing their Okta password using the Jamf Connect desktop app/menu bar, users are prompted to log back into the Jamf Connect menu bar app, then have another pop-up saying that their local password (old network password) and network password (new network password just set) are out of sync, and are asked to provide their local password (old network password) to sync them. 

 

Is there any way for Jamf Connect to automatically sync network and local password when the new network password is set through the jamf connect app? Jumpcloud had many issues and frustrations, but this is one area in which it was far superior to Jamf Connect from a user experience perspective...

0 Kudos
Reply
3 REPLIES 3

Shyamsundar
Contributor III

yesterday

No, i don't think so it can be done via JAMF Connect. Try exploring the Platform SSO. 

0 Kudos
Reply

AJPinto
Esteemed Contributor

yesterday - last edited yesterday

If the user performs the password change through Jamf Connect, then there won’t be a second prompt to unlock the keychain to allow the password change.

 

The nuts and bolts behind it, the keychain needs to be unlocked to allow the local password change. If you change the password from any location other than Jamf Connect, it is not aware of the new LAN password and that must be manually fed into Jamf Connect, then the user must unlock their keychain to allow the local password change (or sync it is sometimes understood).

0 Kudos
Reply

MatthewGV
Contributor

yesterday

If users change the Okta password in Okta, they're going to be prompted at least once to update locally. There is password syncing in Connect but it doesn't push down the password changes to the machine.

Enable “LocalPasswordSync” (Does Not Remove Sync Prompt)

• This setting ensures Jamf Connect prompts users to sync their local password when they change it in Okta.

• It doesn’t eliminate the manual password confirmation step but ensures sync happens.

Configuration Profile Key:

<key>LocalPasswordSync</key>
<true/>

Use “LocalPasswordSyncImmediate” (Newer Feature)

•This is a newer key in Jamf Connect 2.23+ that allows automatic local password sync without waiting for the next login.

•However, users still have to reauthenticate in the Jamf Connect menu bar app.

Configuration Profile Key:

<key>LocalPasswordSyncImmediate</key>
<true/>

 

0 Kudos
Reply