Jamf Connect Azure failure logs

perryd84
Contributor II

Hi all,

So we have JAMF Connect working perfectly in our company but the other day we noticed that there are 1000s of failure logs.

Logging in through the login screen there is a successful login in the Azure logs but after that there are failure logs throughout the day.

It looks like it might be the menu app causing these failures when it tries to verify the passwords but I can't pinpoint what the problem is.

Has anyone else had this issue?

7 REPLIES

scheb
New Contributor III

I also had this issue - I believe it's due to conditional access config for me. Did you figure out a way around it?

perryd84
Contributor II

So Jamf told me that this is expected behaviour. As the Menu app doesn't use MFA and just does a password sync, Azure interprets it as a failed login attempt.

Not the best if you ask me but it seems to work fine.

scheb
New Contributor III

Yeah, unfortunately, those failures get InfoSec's hackles up. I was able to solve this by creating an enterprise application (instead of an app registration). Then I added the user.read scope and granted consent for my org (and whatever else needed in that app registration for Jamf Connect). The outcome is that the enterprise app shows up in the conditional access policy list of cloud apps. I can then exclude it from the MFA policy and redirect these failures. I'll try and put together a writeup for this...

perryd84
Contributor II

@scheb that would be awesome if you could get a write up on that. Would defo get the security team off our backs!

Jacek_ADC
Contributor

Hi
So we have also seen this issue for a long time, maybe a few months. We never found a solution, and Jamf support also told me that this is normal behavior. But something strange must be happening, because for the past two weeks my user has been the only one that never runs into these login failures.
I don't know exactly how to troubleshoot this. I need to go back and look at what we have changed in Azure (maybe) with my user.
I also have an admin user in Azure, but this is not the one I use for Jamf Connect.

Jacek_ADC
Contributor

Really strange, my user is back with the errors in Azure AD. I don't know how to solve it.

Jacek_ADC
Contributor

@scheb did you do the write-up already?
I tried the same with the enterprise application but it doesn't work for us.