Jamf Connect Verify Issue

bmichael
New Contributor III

I have got Jamf Connect Login to work, now messing with Jamf Connect Verify. I attached a screenshot to show the settings I have configured. However the icon in the toolbar never goes green, I click sign in and it seems like it takes my password, when I hit Kerberos tickets though nothing happens. Any suggestionsddde4ec3ba8147d59e81627e237b9667
?

12 REPLIES 12

mm2270
Legendary Contributor III

This isn't exactly the same scenario, but I ran into something very similar when helping set up NoMAD for a customer. Since Jamf Connect is derived from NoMAD, this may be the same case. It turned out that the issue was the Kerberos realm needed to be ALL CAPS to work. Lowercase for Kerberos Realm would look like it was taking the login, but would never actually log the client into the utility, until we changed the profile pushing the setting to use all caps for the realm. Then it all started to click.

Try doing that and seeing if it helps.

bmichael
New Contributor III

No luck when putting the Kerberos realm in all caps. Still seems like it takes the sign in but the icon never goes green.

KyleEricson
Valued Contributor

@bmichael I have the same issue


Hire me as an independent contractor.

maxwell_mcleod
New Contributor

Not necessarily helpful, but I'm in the same place. Connect Login is working, so I don't think it's anything on the Azure side. And I can set up NoMad with our on-prem AD and that works just fine, but no luck for verify with azure. I can't even get it to display days until password expiration.

KyleEricson
Valued Contributor

After much research and talking to over macadmins Jamf Connect Verify with AzureAD only doesn't support kerberos tickets as AzureAD doesn't have kerberos tickets. It's just a identy provider nothing more.


Hire me as an independent contractor.

maxwell_mcleod
New Contributor

@kericson Any idea why it wouldn't even be giving password expiration, or getting the icon to go green?

KyleEricson
Valued Contributor

@maxwell.mcleod Good question, but no I'm not sure on that.


Hire me as an independent contractor.

dustink
New Contributor II

Same Issue here. once we finally got it to turn green and a restart happens the kerb is lost from the Keychain. There is a problem ticket in with JAMF

bmichael
New Contributor III

Would not having write through enabled have anything to do with the issue? I believe they have ours setup using password hash currently.

coryhowell2
New Contributor III

I am also having this issue. In our environment though our Domain Controllers are tucked away on a separate subnet so even though we have Azure setup with AD in a hybrid environment I believe that Jamf Connect Verify needs to talk to the DCs to get the kerberos tickets. I haven't been able to test my theory yet though. I know for sure with NoMAD I would only get kerberos tickets when on the same network as the Domain Controllers. I thought with Jamf Connect Verify this would work with Azure so a computer would be able to get tickets on any network. It seems like you still need access to the domain controllers. This could also be due to the fact that our Macs are not on the secure network because of PII etc.

HeyWhosTheMacGu
New Contributor II

I'm having this issue as well.

perryd
Contributor

Having same exact issue here. Has anyone managed to fix this?