Jamf Nation Community

I am in the exact same boat. I have been going the rounds with Jamf/Intune/Azure for the last few weeks, and we've got a deadline in the next two days to get all of us onto Conditional Access. At this time, we have found out that so far only GLOBAL ADMINS are able to install the portal successfully.

I am currently attempting to do this by escalating one of our service accounts to Global Admin, but now I am having issues where the bloody app will crash after authenticating, leaving me hanging.

I wish they tested this better.... So much for "it just works"

Hi

I had the same problem on my side with the client I work for.
A case has been opened at MS and after investigation, the issue with conditional access integration seems to be relate to the following Application “JAMF Native macOS Connector” this app require permissions to the users profile.
In a Azure/Office 365 tenant that use out of the box configuration this would not be an use as users are granted the ability to accept these types of permissions request. But in my customer this ability has been turned off for users and requires and Administrator to approve, this is normally done by the 3rd party supplying an admin consent URL.
We contacted Jamf and it appears the admin consent URL is the way to go to allow admins to allow the Jamf Native macOS Connector multi-tenant app when the global permission to consent is disabled for standard users.
Here is a consent URL that can be used until Jamf get this built in to Jamf Pro.
https://login.microsoftonline.com/common/adminconsent?client_id=55d611b0-7d33-4d38-8df3-6041868930d7&state=1234567890&redirect_url=jamfaad%3A%2F%2FAADTokenRequest%2F
Jamf have not yet set up any good redirect for the admin to be redirected to after logging in and consenting. So clicking the "Accept" button after logging in will not actually show anything from the above URL.

After going through the Admin consent, you should be able to see the results by navigating within the Azure portal to Azure Active Directory > Enterprise Applications > Jamf Native macOS Connector > Permissions
See screenshots with what it should look like before and after doing the consent flow.

Jamf will need to build this functionality into Jamf Pro at some time in near future, including a button/link to start the consent workflow and a page with some information to be redirected to.

Ever since we did this, everything has been working.

I hope this will help you.

Thank you for your input Jerome_CLEMENT, very much appreciated.
Hopefully I can set this up soon cause i'm having a full schedule the next coming weeks. I will keep you updated.

Hi Everyone - It seems like I am having the same issue. Does anyone know if there is an update on this issue?

Hi Everyone,

I am also facing this same problem. does anyone have a solution for this?