Can someone explain how user provisions works in Jamf?

New Contributor

We use Azure. Azure is mapped to jmaf. When I click on a device I can manually assign an Azure user to it, but when I try and add an Azure user to a static group it says I don't have any users.


Honored Contributor II

JAMF does not handle user provisioning in the way you are wanting. 

  • You setup a LDAP Connection with JAMF and your IDP, in this case Azure. So JAMF is able to search your IDP, and this allows your LDAP accounts to log in to JAMF using said IDP. It also allows for you to assign devices to LDAP accounts.
  • Policies can only be assigned to JAMF Objects. To create a JAMF User Object for an LDAP account, the most direct way to do this is by assigning a device to that user.

You cannot target policies at LDAP objects, you can only target policies at JAMF Objects. The user needs an Object in JAMF before you can assign something to that Object.