JAMF Pro and Azure Cloud Identity Integration

smcshaner
New Contributor II

We have just started our journey with JAMF Pro. I'm trying to understand, at a basic level, the best way to support user authentication to allow Automated Device Enrollment with Authentication to stop iPads from being set up without a user assigned.

I have been told that we won't be using LDAP due to security issues, so we thought to use Azure AD Cloud Identity Integration with Jamf Cloud.

Has anyone done this? What challenges were faced? Did it change any workflows from traditional LDAP?

3 REPLIES

iJake
Valued Contributor

That piece is just for looking up user information. You'd still need to integrate Azure AD as an SSO provider for the authentication piece. The SAML response would contain a username and group information that would be looked up against Azure AD via the Cloud Identity integration. At a high level that's how it would work.

smcshaner
New Contributor II

Thanks, that makes more sense.

jttavares
New Contributor III

Hi iJake. I have set up Azure as an SSO provider and Cloud Identity Provider successfully, as mapping works fine for CIP. Maybe you can shed some light on a problem I have. I thought once I set up Azure, I would be able to populate the User and Location info as hardware checks in, not just during enrollment, but that doesn't seem to occur. I have a high turnover rate of staff going in and out of the company, so we do not re-enroll hardware as staff leave but pass on the hardware with a new local account, matching the SAM in Azure. This is very frustrating from an asset tracking perspective to not be able to get these inventory fields to auto-populate. Any help would be appreciated. Thank you.