JAMF SSO Customizations

New Contributor III

Hi All,

Has any-one come across where JAMF Pro fails to gather the user / location information during enrolment when SSO customisation is part of your DEP workflow ...

When my user auth to OKTA during SSO customisation - Auth goes through just fine but no user / location information is submitted into JAMF Pro .. 

If i switch back to LDAP auth the info is collected and stored...

Any ideas?




Valued Contributor II

The scope of information shared by an IdP is generally not quite as big as LDAP. At the most you'll get Fn, Ln, email and maybe a group name or two. If Okta has an LDAP service I'd have it configured in Jamf Pro to do the lookups for locations, etc. and keep SSO in play for authentication. 

See here for more information. 

Helps if I actually read the first sentence ;) . Double check your enrollment customization pane and ensure it's passing the necessary attributes i.e. name, email, etc. and that your username attribute in the SSO configuration was set to the proper attribute. You could also nuke and pave the SSO settings and the enrollment customization pane and try it again.

Contributor III

yes, I am seeing this as well.
SSO enrolment customisation does not seem to be passing the login information through to complete the LDAP lookup.