Skip to main content

Hi There,

I am currently testing a new Jamf Pro environment with Jamf Connect.

After logging in with my Azure AD Account and get to enter the network password again I get the following error.

- Invalid request: Invalid request:

This behavior is when Create a Seperate Local Password is set to: False
When changing this to True; I can proceed. We need the account synced rather than having two different passwords.

 

Looking at https://community.jamf.com/t5/jamf-connect/jamf-connect-2-3-1-release/td-p/233910 someone had the same issue; but used a workaround, which for us would not be an option.

 

Any advice on how to troubleshoot this?

 

Kind regards,
Tobias

Update: 
In my case, we are using a hybrid environment and I needed to fill in the Identity Provider (Hybrid ID) details. 
Configuring Jamf Connect Login with Microsoft Azure AD - Jamf Connect Administrator's Guide | Jamf

The Hybrid Identity part.

 

Additionally:
com.jamf.connect.login
We have a hybrid environment, could it be that I am using the wrong Client ID here?

 

I've also experienced this issue since the release of v.2.6.0.

Brand new Config Profile created with Azure info entered and scoped to one machine only to test. Unable to get past the "Invalid Request: Invalid Request:" issue when signing in.

The logging doesn't show any errors, but will show the following when attempting to "sync" the password:

2021-11-03 14:42:45.705 I  SecurityAgentHelper-arm64[2722:5995] [com.jamf.connect.login:Settings] Found managed preference in com.jamf.connect.login: OIDCNewPassword

As this is set to "false", per the instructions, I am also unsure where to go next with this.

I've also experienced this issue since the release of v.2.6.0.

A brand new Config Profile has been created with our Azure info entered and scoped to one machine only to test.

Unable to get past the "Invalid Request: Invalid Request:" issue when signing in with credentials the machine has never seen before.

The logging doesn't show any errors, but will show the following when attempting to "sync" the password: 

2021-11-03 14:42:45.705 I SecurityAgentHelper-arm64[2722:5995] [com.jamf.connect.login:Settings] Found managed preference in com.jamf.connect.login: OIDC Password


As this key is set to "false", per the release notes instructions, I am also unsure where to go next with this.

I've also experienced this issue since the release of v.2.6.0.

A brand new Config Profile has been created with our Azure info entered and scoped to one machine only to test.

Unable to get past the "Invalid Request: Invalid Request:" issue when signing in with credentials the machine has never seen before.

The logging doesn't show any errors, but will show the following when attempting to "sync" the password: 

2021-11-03 14:42:45.705 I SecurityAgentHelper-arm64[2722:5995] [com.jamf.connect.login:Settings] Found managed preference in com.jamf.connect.login: OIDC Password


As this key is set to "false", per the release notes instructions, I am also unsure where to go next with this.


When creating the profile in Jamf Pro with exactly the same settings as using the Connect Configuration tool it will give this error.

When creating a plist using the Jamf Configuration tool and importing it as custom plist it works just fine. Perhaps a bug in the Jamf Pro gui?

i experience the same as my predecessor describes here. with the variant in the plist it works, via the GUI of jamf not

We have the same issue here. Hoped to be fixed with 2.6.0 but no luck.

Are the devices domain joined? 
Are the accounts....mobile accounts?
We are in the process of migrating and the 2 above were true for us. What happens is if the machines have line of sight to the servers, the AD connection would block the passwords from syncing to local. 
We had to get it off network to work. 

Although saying that, 2.7.0 seems to resolve some issues.

Are the devices domain joined? 
Are the accounts....mobile accounts?
We are in the process of migrating and the 2 above were true for us. What happens is if the machines have line of sight to the servers, the AD connection would block the passwords from syncing to local. 
We had to get it off network to work. 

Although saying that, 2.7.0 seems to resolve some issues.


Hi MikeyK

Thank you for the inputs. After setting it alll up from scratch it finally worked, also with 2.7.0.

 

 

Are the devices domain joined? 
Are the accounts....mobile accounts?
We are in the process of migrating and the 2 above were true for us. What happens is if the machines have line of sight to the servers, the AD connection would block the passwords from syncing to local. 
We had to get it off network to work. 

Although saying that, 2.7.0 seems to resolve some issues.


This could make sense! I'll try again with 2.7 asap.

Terms & ConditionsCookie settings