Posted on 04-25-2022 06:00 AM
Hi All,
Has anyone come across a case where Jamf Pro fails to gather the user / location information during enrolment when SSO customisation is part of your DEP workflow?
When my user auths to Okta during SSO customisation, auth goes through just fine but no user / location information is submitted into Jamf Pro.
If I switch back to LDAP auth, the info is collected and stored.
Any ideas?
Thanks
Rob
04-25-2022 12:35 PM - edited 04-28-2022 04:40 AM
The scope of information shared by an IdP is generally not quite as big as LDAP. At the most you'll get Fn, Ln, email and maybe a group name or two. If Okta has an LDAP service I'd have it configured in Jamf Pro to do the lookups for locations, etc. and keep SSO in play for authentication.
See here for more information.
Helps if I actually read the first sentence ;). Double-check your enrollment customization pane and ensure it's passing the necessary attributes, i.e. name, email, etc., and that your username attribute in the SSO configuration was set to the proper attribute. You could also nuke and pave the SSO settings and the enrollment customization pane and try it again.
Posted on 04-27-2022 08:55 PM
Yes, I am seeing this as well.
SSO enrolment customisation does not seem to be passing the login information through to complete the LDAP lookup.