JAMF Connect

New Contributor II

Hey Everyone, 

I wanted to know if there is a way to differentiate admin and standard users when they login to their computer through jamf connect 


I noticed when i log in i am set as a standard users is there a change i can make to have it where some users are standard and some are admins? 


Esteemed Contributor

Depends on what IDP you use. If you use Okta, you can make a separate Okta App that targets an AD group and users in that group have their accounts created as Admin. Beyond that, you can make policies in JAMF Pro to promote people to Admin. I prefer to leave Admin Access as SelfService rather than automating it.

New Contributor II

yeah my manager is a super admin in okta so i assume he can make changes on his end to promote user to admin and others to standard users correct?

Esteemed Contributor

Yep. You should just need a second Okta App for JAMF Connect, and that second app targets a specific AD group. When a user logs in to Okta (JAMF Connect), Okta will check their AD groups and pick a work flow based on their AD groups. 


For example, all users can auth macOS with Okta/JAMF Connect. If a User has the Mac_Admins AD group, Okta will give them Admin Access when they log in as they will use a different Okta App for JAMF Connect.
