Help

MFA Prompts

stacy36
New Contributor

Posted on ‎03-16-2023 07:51 AM

Majority of our Macs are not registered in Azure AD. We have had reports of users getting promoted way too often to MFA. We use Jamf Connect. But I noticed in the Azure logs Jamf connect shows single factor authentication most of the time and it’s successful. Anything related to Jamf connect multi factor authentication usually shows as Interrupted. If we deploy Company Portal and the Config profile to register device to Azure AD. Would that help with the prompts that users are getting? I also see there is a SSO plugin that Microsoft shows as in preview. Could that also help? It does need Company Portal to be on the device as well I see.

omegle xender
Reply
2 REPLIES 2

akw0045
New Contributor III

Posted on ‎03-16-2023 01:10 PM

Are they getting prompted too many times at the Jamf Connect log ins? Or is a pop up asking to allow Jamf Conditional Access happening all the time?

0 Kudos
Reply

AJPinto
Honored Contributor III

Posted on ‎03-20-2023 07:28 AM

 

I doubt your problem is with JAMF Connect. JAMF Connect itself cannot trigger MFA, its your IDP that decides if MFA is needed. 

 

JAMF Connect only talks to your IDP when

  • You sign in to macOS
  • When you log in to the JAMF Connect Menu Bar
  • When JAMF Connect syncs with your IDP to confirm the Users password is correct
    • I could see this triggering random MFA prompts depending on Azures configuration
  • All other authentications are SSO ticket based and do not directly involve JAMF Connect.

 

 

I would not recommend considering the Comp Portal unless you needed conditional access for something. The Comp Portal also wont change the behavior of MFA.

 

0 Kudos
Reply