Posted on 09-29-2022 01:29 AM
Hi All,
Been using Jamf School for a while now with AD binding. This is really slowing down the login time, so I have switched to Jamf Connect with Azure AD. I've followed the training videos and done some googling, and have managed to get it to work, but not ideally how I want the experience.
Currently the user is greeted with a Microsoft login, puts details in, then it wants to create a local account password, and possibly creates a local account.
Would like Microsoft login then it just goes straight to the desktop, no local account. Almost want the same experience that AD binding gave, but authenticating with a Microsoft account.
In the Jamf Connect config under authentication I have ticked "Always require network authentication", but this has made no difference.
Is this possible? Am I not understanding the mechanics?
Any ideas, suggestions, help is very much appreciated.
10-11-2022 05:24 AM - edited 10-11-2022 05:25 AM
Hello,
To have users only have to enter their password once, we use the OIDCUsePassthroughAuth key. In your com.jamf.connect.login plist configuration file or the configurator app:
<key>OIDCUsePassthroughAuth</key>
<true/>
As for the "Account Creation" button, I believe this can be resolved with:
<key>CreateJamfConnectPassword</key>
<true/>
<key>OIDCNewPassword</key>
<false/>
I would do some more testing with the above key.
Posted on 10-11-2022 09:59 AM
I have been looking for weeks for this OIDCUsePassthroughAuth trick to stop users from having to enter their password again after the Azure SSO screen. Thanks for sharing, Andrew!
Posted on 10-11-2022 06:56 AM
Thank you for this, will give it a go.