Help

Newbie here - JAMF connect not taking the configuration profile?

nulluser00
New Contributor

Posted on ‎10-02-2024 01:05 PM

Hi all, 

I'm a JAMF newbie (and to any kind of Mac administration). I recently completed an engagement with JAMF to assist in setting up JAMF Pro, but JAMF connect was out of scope for the statement of work. The professional services engineer did a great job of explaining what next steps I should need to take to get JAMF connect setup. 

To get to the point: I created a configuration policy for both JAMF connect and JAMF connect login, targeted to our test Mac - then deployed the JAMF connect app to the Mac but it does not seem to be taking the settings needed to work. The JAMF connect app is also not auto-launching when the system restarts. 

To get into more detail: 

I used the JAMF connect configurator to finish setting up the Entra login details. Everything tested successfully. Per the engineer's suggestion, rather than saving the mobile config file, he suggested it's better to save the XML data from the configurator, ten create a configuration policy per each XML. I did this by going to "Application & Custom settings" - Upload and pasted the XML data into the PLIST window. 

I wasn’t sure what to put in the Preference domain, but after some googling I think I found that the Login should be going to com.jamf.connect.login and the menu bar should be using the preference domain of com.jamf.connect, so I used those.

I scoped these configuration policies to my test MAC. I then added the JAMF connect application via the MAC apps and had it pushed to the Mac Mini.

However, when I launch the JAMF connect app, none of the settings from the XML are present. It’s like it doesn’t know to apply the settings to the JAMF connect app and the Connect app needs to be setup still. Also, the JAMF connect app isn't auto launching on reboot. I have to manually launch it and log out. 

Should I have downloaded JAMF connect pkg file and modified it inside of the composer application to assign our configuration and push that out as a custom package? Or did I use the wrong preference domains in the configuration policy setting?

I would greatly appreciate if anyone could point me towards any KB that might help me out here. Thank you for reading. 

 

0 Kudos
Reply
4 REPLIES 4

iDvLdracea
New Contributor II

Posted on ‎10-02-2024 01:23 PM

Hi,

By your detailed description, it looks like you used the correct Preference domains.

I would start by checking if the configuration profiles have been successfully deployed to the device.

 > System Settings > General > Device Management

If the configuration profiles have been deployed, you can double-click the profile in Device Management and check if the properties match whatever you put in your Jamf Connect Configuration.

If the configuration profiles have NOT been deployed, then it's worth checking if the device is communicating with your Jamf server, and, if the scoping is correctly set up. You can check in your JamfCloud instance the "Configuration Profiles with this Computer in the Scope" by navigating to https://yourinstance.jamfcloud.com/ > Computers > SelectTheComputer > Management > Configuration Profiles.

 

Note, as a "best practice", I use three separate profiles. One for com.jamf.connect.login, another one for com.jamf.connect and one that contains the licence file for both preference domains. I might be weird though 😁

 

Regarding Jamf Connect application not starting by itself, or after reboot, may I ask if you installed the LaunchDaemon too?

 

Best,
Dev

Reply

nulluser00
New Contributor

Posted on ‎10-02-2024 03:43 PM

Hi Dev, 

Thank you for your response! I was able to get everything working! JAMF Connect will now auto launch on start and is working well with our Entra credentials! 

I do have a question about the LaunchDaemon - I am not familiar with this. Is this what I need to make it so JAMF Connect is up at the login screen every time? 

Reply

Jaykrishna1
Contributor II
In response to nulluser00

a month ago

Glad to hear everything is working well!

Regarding the LaunchDaemon—yes, it is what ensures Jamf Connect is running at startup and displays at the login screen. A LaunchDaemon is a system-level process that keeps apps or scripts running even before a user logs in.

To set this up for Jamf Connect:

  1. Ensure you have the correct LaunchDaemon file (com.jamf.connect.login.plist) installed in /Library/LaunchDaemons/.
  2. This plist file should point to the Jamf Connect Login app and ensure it runs at boot.
  3. Make sure permissions for the LaunchDaemon are correct:
    • Owner: root
    • Group: wheel

If you’ve deployed Jamf Connect through Jamf Pro, this is usually handled automatically. However, if it’s not appearing at the login screen, double-check that the LaunchDaemon is present and correctly configured.

 

0 Kudos
Reply

iDvLdracea
New Contributor II

Posted on ‎10-03-2024 05:13 AM

Hi,

 

The Jamf Connect package contains a post-install script that should have automatically changed your login window.

For what is worth, it is known that macOS updates are resetting the login screen from using the Jamf Connect window, back to the default macOS login, and for that, I use a smart group in JamfPro, that checks what login window the mac has, and if it's on the default macOS window, then it runs a policy that will change it back to Jamf Connect.

The policy basically runs this command: 

/usr/local/bin/authchanger -reset -jamfconnect

 

Run this command as root, restart the device, and let me know if the Jamf Connect window is now displayed.

 

Best,

Dev 

Reply