a month ago
Our Company utilizes JAMF Pro and JAMF Connect for MDM Management,
Up until recently, we have always had local accounts created manually during prestage - then sign out and sign in with the users Azure Credentials - connect the local account and then merge the passwords so the local account and network account have the same credentials through JAMF Connect.
We want to streamline this process and switch over to a Full Zero Touch Deployment - Currently we do have some minimal connection on the JAMF Pro side using LDAP Credentials/Directory services, so we can have admins login with their LDAP Creds and then techs can manually assign Location and User data by searching LDAP.
We do not have an LDAP server connected and again, SSO is not setup yet.
Part of that process I know we can setup SSO and use it in an enrollment customization then pass it through to Jamf connect during that process so the user can authenticate with their company account, it will generate the local account and then ask for their network password again so its all sync'd and the account is generated all at once.
My question is - this will be a new process. We have over 100 users with Macs deployed the old way, using JAMF Connect. If we turn on SSO - (Besides the admins logging in, who would likely then use SSO to get into the JAMF Pro portal), will this break existing users login either locally or through JAMF Connect?
We would keep Self service SSO off and keep the Enrollment piece on - we just want to build this and add it without deep ramifications.
Any insight would be great.
Thanks