Nomad Login+ / Jamf Connect Sync - OIDCSecondaryLoginClientID functionality

New Contributor II

Just thought I would share this in case anyone else was struggling with it (thanks to lucasjhall on macadmins slack for the solution!)

I was going crazy trying to get the OIDCSecondaryLoginClientID functionality working as described in the docs. Like most other setups we had 1-2 local accounts created as part of our DEP/prestage enrollment flow. There's a hidden config key you need to configure in order to ignore those accounts (ExistingUsersHide), it takes an array of strings which are the usernames to ignore for the purposes of determining if a Mac 'Primary' user has logged in or not.

example: <key>ExistingUsersHide</key> <array><string>localadmin1</string><string>localadmin2</string></array>

Hope that helps someone out there!


New Contributor II

That is correct, so it would appear as:


And must be specified in addition to MigrateUsersHide user list as these could be different...