I am working on deploying Platform SSO using Microsoft Entra ID. I have followed the steps outlined here:
https://learn.jamf.com/en-US/bundle/technical-articles/page/Platform_SSO_for_Microsoft_Entra_ID.html...
This seems to be working really well. I created a guide for my users to educate them about the steps that are needed to get registered to use Platform SSO. My current SSO implementation uses Kerberos. The URLS for our current SSO are our internal AD servers that also sync with Entra ID. When it is time for users to reset their password (90 days), they are notified 2 weeks in advance and notified again later. When they are ready to change their password, they can do so using the menubar icon. We are also syncing the user's local Mac password with their AD account password. When the user changes their AD password, the local Mac password is also changed to match. It's a very simple process to follow.
I have been trying to find out what the user experience is for making a password change using Platform SSO with Entra ID. This SSO configuation leverages the Microsoft Company Portal app. To get setup to use Platform SSO, the user does not need to launch the app manually and login. They are prompted to do the setup after the profile gets installed. Does anyone know what the password change process is? Are users prompted?
