Last week I set up the conditional access integration with Jamf, 2 test machines were added successfully, JamfAAD popup appeared and I was able to go through the authorization process in the keychain, then I registered another 10 machines, this time of other employees, but as I assume due to the fact that their main browser was not Safari, they did not receive a JamfAAD window during registration.
I thought that if they do it later (when logging in, for example, to office.com, mac asks for a certificate) there will be no problem, but today, after the weekend, I noticed that the machines do not report their status in Intune, as shown in the screenshots, the first one is my test Mac which I managed to add successfully, the second is another employee who does not report the status, does anyone know how can I fix it?
Today I decide to make some test with some custom settings for SSO Extention & JamfAAD, but as you can guess popup window still did not show up.
- My mac
- Other employee mac
I also include my current config for CA Integration
- JamfAAD Configuration
- SSO Extention
End users didnt get this JamfAAD window
already did that, I noticed that if execute this commands from terminal
sudo jamf manage and
/usr/local/jamf/bin/jamfAAD registerWithIntune
it works (tested on fresh enroll, and it only works when safari set as a default browser)
i use this profile, it takes away the need for defining a browser. i was having a ton of issues and this was the key contributor to resolving most of them.
