JAMF Pro and Azure Cloud Identity Integration

smcshaner
New Contributor II

We have just started our journey with JAMF Pro, and I'm trying to understand at a basic level the best way to support user authentication to allow Automated Device Enrollment with Authentication to stop iPads from being set up without a user assigned.

I have been told that we won't be using LDAP due to security issues, so we thought to use Azure AD Cloud Identity Integration with Jamf Cloud.

Has anyone done this? What challenges were faced? Did it change any workflows from traditional LDAP?

1 ACCEPTED SOLUTION

Dickerson56
New Contributor

Integrating Jamf Pro with Azure AD as an identity provider allows for the following LDAP workflows without the need to configure Azure AD Domain Services: looking up all users and groups for inventory purposes, and performing user membership lookups and using them to map privileges to relevant accounts in Jamf Pro.

 

dgcustomerfirst


3 REPLIES

iJake
Valued Contributor

That piece is just for looking up user information. You'd still need to integrate Azure AD as an SSO provider for the authentication piece. The SAML response would contain a username and group information that would be looked up against Azure AD via the Cloud Identity integration. At a high level that's how it would work.

smcshaner
New Contributor II

Thanks, that makes more sense.
