Jamf Connect

KarelSoel
New Contributor

Hi everyone,

I'm a quite new mac System admin. We would like to manage properly identity on Apple devices. Because bind mac to AD bring some hassles and some are out of our network (don't reach AD).

So we're looking a product that provides identity from our hybrid environment (Active Directory + Azure Active Directory). Most of our environment is Microsoft but some VIP and departments ( Graphic Designer ) use Mac. We saw that one of last version of Jamf Connect can manage hybrid identity.

I found some feedback but not enough with hybrid environment. What do you think about this product ? Do you know an alternative because it's a bit pricey 2$ / month / Device.

 

Our environment:

- Hybrid (Active Directory + Azure Active Directory)

- Office 365

- Adfs 3.0 will upgrade 5.0 soon (may be not possible with 3)

- MFA Azure

- Active directory authority for local resources (Printers, file servers, wifi,...)

- Intune

- Apple Business Manager (just few Macs)

- Couple Macs bound to AD others are "Free"

 

I asked a trial to Jamf and give a try.

 

Thank you.

4 REPLIES 4

bwoods
Valued Contributor

Jamf connect is the best thing we invested in. No more broken password hashes and broken keychains. It really helped while on quarantine as well. We no longer need a VPN connection to create managed mobile accounts. Only complaint is the 3 login screens, but we're planning on implementing Jamf Unlock soon.

bwoods
Valued Contributor

It also helps with devices losing Intune compliance due to broken keychains.

SCCM
Contributor III

What do you need to authenticate for? identity is a broad term. Jamf cornnect is a good product for logins. There are other free things out there like azure sso extention:
https://docs.microsoft.com/en-us/azure/active-directory/develop/apple-sso-plugin
if you only need user kerbros look at the kerbros option, also there is nomad still out there that should work but you dont get the support you would with jamf connect.

bwoods
Valued Contributor

My organization is moving to a purely cloud IDP environment. The SSO extension is only for apps not login. NoMAD is just the on prem AD version of Jamf Connect. We use Jamf Connect to sync Idp passwords with local accounts. The login screen also prevents terminated users from accessing machines and allows simple account creation for Automated Device Enrollment.