Jamf Connect Verify doesn't prompt login automatically

New Contributor

Hi all,
I've had a ridiculously difficult time working with Jamf Connect login due to some challenges with our Wi-Fi environment. I have opted to use simply Jamf Connect Verify and I have been editing the plist. One of the keys in which I have used is 'ForceSignInWindow' which doesn't work properly. Initially after the use first logs in after the creation of an account and enrolment via pre-stage enrolment; the Jamf Connect Verify icon sits in the toolbar, but does not prompt login for synchronisation. Only when I click on the icon and select 'Sign In' does the login window force a sign-in, where it won't close until the password has synced with Azure. This is sub-optimal for a seamless user experience.

If anyone has some experience with setting up jamf connect verify alone or any solutions to my predicament, any suggestions would be greatly appreciated.



New Contributor

Exact same scenario and exact same issue. Would love for Jamf to chime in on this.

Here are some additional observations:

Besides not prompting the user to sign in, my users were also not getting Kerberos tickets after signing in. They were only getting Kerberos tickets when Jamf Connect Login creates the keychain entry (via the setting CreateVerifyPasswords = true). The reason? The username is case-sensitive. Jamf Connect Login passed it along in the correct case, while verify will accept all lower-case entries (for sign in, but then fail to get Kerberos tickets).

New Contributor II

What you describe is exactly what "ForceSignInWindow" is currently designed to do; it only keeps the signIn window up (and unclose-able) until the user submits the correct credentials. There is a feature request for the functionality you desire. Linked below.

Contributor II

I raised a ticket with Jamf about this as I thought t was a bug but apparently this is the intended way of it working I would expect force sign in window to behave like UseKeychainPrompt does in Jamf Connect Sync but it doesn't. I up voted the above feature request.