Posted on 12-06-2021 05:52 AM
I have worked hole last week on jamf connect package in pre-stage with notify window. But overall it just seems to inconsistent. Sometimes notify window just show recteculating splines and if doing a new install it maybe works.
Just wondering if any managed to get this working with success ?
My overall main thing for using jamf connect is that user is authenticated and jamfconnect create local account - that is the key for me
I right now try to install jamfconnect package, but without notify, but it seems I just everytime just end at a empty login screen. My hop was if jamf connect just could create the user account and get into the desktop, the enrollment process could then start there.
So would like to know how other have done
Posted on 12-06-2021 05:58 AM
So we have basically the same needs.
Just create a local account with the users AzureAD credentials.
Its been over 2 years since we configured it.
What we do is just Skip Account Creation in Account Settings and add Jamf Connect package as enrollment package.
I also attached the configuration profile for Jamf Connect and Jamf Connect Login to the pre-stage.
The JCL profile is to have it hooked up to AzureAD, the JC profile is to have people to proper menu option right from the start.
Without the JC profile some machines will have all options to quit etc..
Posted on 12-06-2021 06:03 AM
OK. When you are getting into the desktop is the software install kicks in right away or it has to wait for a policy refresh from jamf (than. happens randomly on clients) Would like it right away kick in, but wonder how this can be made with a launch agent somehow, but must then exist
Posted on 12-06-2021 06:23 AM
We have configured one policy named something like Default Software which is triggered on Enrollment.
We do not use any notify.
Our goal it to have the machine up and running as quick as possible, after the user went through the JC account setup it jumps to the OS.
Then the packages and Appstore apps are deployed
Posted on 12-06-2021 07:39 AM
First, were you able to get the token when testing in Jamf Connect Configuration? If not, try to fix the Identity Provider part. If you get the token, then work on the Login profile.
We had so many problems at first, I think we had empty login screen like yours. I don't remember what we've done but after some helps from Jamf, we got it working. Our Pre-Stage have 3 Enrollment Packages; Jamf Connect, LaunchAgent, and our custom Jamf Connect icon and logo. I was told that they need to signed. Our Pre-Stage Configuration Profile includes plist from Jamf Connect Login, Connect Menu Bar, Menu Bar Actions, & License Key.
We don't use notify, we just use the simple policies with numbers so they get downloaded accordingly. It's quite reliable, not 100% though, since they're on-site, if any fail, we just do sudo jamf policy. We also use the custom trigger script to install the policies for special cases.
Posted on 12-06-2021 07:55 AM
I've build the config Profiles when there was no tool to help you and also just uploaded it. Not signed.
In the Pre-Stage i belive you would only need JCL config profile and the JC packages.
You could create a new pre-stage and assign one laptop to it to see how it looks on a clean pre-stage config,
The account creation stuff can be left default at first (you end up with two accounts), but when everything is alright just disable the Local Account Creation. and start building your pre-stage from there.
Posted on 12-06-2021 08:11 AM
forgot to mention is that you can install the profile locally and test it before putting them in Jamf.
Posted on 12-06-2021 08:39 AM
I did not notice it wasn't CaptainAmerica that replied 🙂
i know about the tooling
Posted on 01-27-2022 12:29 AM
If we are using Jamf Connect Notify, we need a couple of things. One of them being a PKG that places the notify script in a location where users can access it, the next would be a post install script that runs after the PKG for notify script to engage the preauth conditions needed for Jamf Connect Notify to run. You will also want to ensure you skip account creation in the prestage as well.