Posted on 03-11-2019 11:30 AM
I have got Jamf Connect Login to work, now messing with Jamf Connect Verify. I attached a screenshot to show the settings I have configured. However the icon in the toolbar never goes green, I click sign in and it seems like it takes my password, when I hit Kerberos tickets though nothing happens. Any suggestions
?
Posted on 03-11-2019 12:49 PM
This isn't exactly the same scenario, but I ran into something very similar when helping set up NoMAD for a customer. Since Jamf Connect is derived from NoMAD, this may be the same case. It turned out that the issue was the Kerberos realm needed to be ALL CAPS to work. Lowercase for Kerberos Realm would look like it was taking the login, but would never actually log the client into the utility, until we changed the profile pushing the setting to use all caps for the realm. Then it all started to click.
Try doing that and seeing if it helps.
Posted on 03-15-2019 06:36 AM
No luck when putting the Kerberos realm in all caps. Still seems like it takes the sign in but the icon never goes green.
Posted on 03-19-2019 07:12 AM
@bmichael I have the same issue
Posted on 03-19-2019 10:06 AM
Not necessarily helpful, but I'm in the same place. Connect Login is working, so I don't think it's anything on the Azure side. And I can set up NoMad with our on-prem AD and that works just fine, but no luck for verify with azure. I can't even get it to display days until password expiration.
Posted on 03-19-2019 07:59 PM
After much research and talking to over macadmins Jamf Connect Verify with AzureAD only doesn't support kerberos tickets as AzureAD doesn't have kerberos tickets. It's just a identy provider nothing more.
Posted on 03-20-2019 07:56 AM
@kericson Any idea why it wouldn't even be giving password expiration, or getting the icon to go green?
Posted on 03-20-2019 08:08 AM
@maxwell.mcleod Good question, but no I'm not sure on that.
Posted on 03-20-2019 12:06 PM
Same Issue here. once we finally got it to turn green and a restart happens the kerb is lost from the Keychain. There is a problem ticket in with JAMF
Posted on 03-21-2019 06:16 AM
Would not having write through enabled have anything to do with the issue? I believe they have ours setup using password hash currently.
Posted on 03-21-2019 08:13 AM
I am also having this issue. In our environment though our Domain Controllers are tucked away on a separate subnet so even though we have Azure setup with AD in a hybrid environment I believe that Jamf Connect Verify needs to talk to the DCs to get the kerberos tickets. I haven't been able to test my theory yet though. I know for sure with NoMAD I would only get kerberos tickets when on the same network as the Domain Controllers. I thought with Jamf Connect Verify this would work with Azure so a computer would be able to get tickets on any network. It seems like you still need access to the domain controllers. This could also be due to the fact that our Macs are not on the secure network because of PII etc.
Posted on 07-29-2019 02:30 PM
I'm having this issue as well.
Posted on 03-04-2020 06:11 AM
Having same exact issue here. Has anyone managed to fix this?