Single sign-on and User and Location

kgam
Contributor

We are new to Jamf, and in our initial setup we are using single sign-on (Azure) during User-Initiated Enrollment, but the username of the authenticating user is not added under "User and Location" of the enrolled computer. Is it correct that this step requires LDAP, or is there something wrong with our setup?

We only have admins created in Jamf Pro under "Jamf Pro User Accounts & Groups".
Enable Single Sign-On for User-Initiated Enrollment = enabled
Allow users to bypass the Single Sign-On authentication = disabled

Found this in the manual which indicates that it should work:
User-Initiated Enrollment (iOS and macOS)—Users must authenticate with an IdP to complete User-initiated Enrollment. The username entered during SSO authentication will be used by Jamf Pro to populate the Username field in the User and Location category during an inventory update.

Thank you.

5 REPLIES

LangStefan
New Contributor III

That is a known issue. Sometimes the username is empty. No solution available so far.

kgam
Contributor

Anything I can try and change in our setup to maybe trigger it to work or is this just a random problem?

martin
Contributor III

@LangStefan, do you have a PI for that? I'm seeing the same behaviour.

LangStefan
New Contributor III

Puuuhh... I read that 1-2 weeks ago here on Jamf Nation or on Slack. And this guy also said that there is no official PI. I can just share my experience: it works fine when you authenticate with a user inside your tenant. With external users it often stays empty or the formatting is wrong. Maybe you can play a little bit with the claim settings in Azure for better results.

kgam
Contributor

I've had the following PI referenced by Jamf Support: "PI-007987: Pre-fill primary account information not filling for SSO."
There is no solution yet but the issue is still open and being actively worked on.