Help

What are the main benefits of JAMF Connect over traditional DEP enrolment?

user-DeoLuXvBmb
New Contributor III

Posted on ‎05-11-2022 10:44 PM

Hi,

 

I was wondering what people see as the main benefit of JAMF connect over traditional DEP enrolment?

We've been trialing both but have noticed that traditional DEP seems to be more seamless.. with JAMF connect users will need to login twice which isn't a great user experience. JAMF Connect through Okta seems nice but if we're introducing LDAP and can populate the DEP full name and username fields there then that seems redundant anyway.

Thanks

0 Kudos
Reply
3 REPLIES 3

nelsoni
Contributor III

Posted on ‎05-12-2022 05:00 AM

You do not use one over the other, you would use them together as a method to streamline enrollment as well as tie user accounts to the mac they are using and Jamf Connect will keep the account sycned with your iDP.

0 Kudos
Reply

jpeters21
Contributor II

Posted on ‎05-12-2022 06:28 AM

DEP is not relational with connect, DEP being how your devices enroll into Jamf. Your options there are an enrollment config, manual enrollment or DEP. Connect is solely in relation to how you want your users to authenticate. Problem with LDAP/AD bind is the device makes mobile/network accounts on the mac that does not have security tokens. No Security token means no encryption (there are ways to do that still but they are not good solutions). Extra benefit maybe that your identity provider provides true off prem authentication were an being bound you would have a mobile account with a cached credential instead. 

If you recently inherited Jamf Administration duties I highly recommend the training videos. If this is a new set up, waiting for your on-boarding training may be beneficial. 

0 Kudos
Reply

AJPinto
Honored Contributor III

Posted on ‎05-16-2022 07:22 AM

JAMF Connect and DEP are separate tools and functions with different purposes. JAMF connect does complement DEP extremely well if configured correctly. 

 

DEP ensures a device is enrolled in to your MDM platform as a part of activation. 

JAMF Connect is a tool used to sync your local accounts with your network accounts without the need to domain bind. 

  • Tools similar to JAMF connect. NoMad and Apple SSO Extension
  • How JAMF connect can work with DEP. You can install JAMF connect during enrollment, and use JAMF connect to replace the macOS login screen so users can authenticate with Okta, ADFS, ext. From there JAMF connect can automatically build the user account based on configuration for a fully 0 touch deployment while maintaining access control. 
0 Kudos
Reply