SSO Authentication on PreStage Enrollment Customization Not working on M2 devices

dfracassa
New Contributor III

Hello everyone,

I have a strange issue happening on the M2s and it is running me nuts, I hope that someone can help. I have not open a case with Jamf support yet, that will be my last resort.

Long story short, I have an SSO Authentication customization that is supposed to happen during the PreStage enrollment so that our users can authenticate via our IdP (OKTA) so the macbook gets automatically assigned to the user enrolling and go through the provisioning process. Well this is working great for Intel and M1 macOS devices, but when we are deploying the M2s in somehow the SSO authentication window does not appear, and it goes through the enrollment process and stops at the Account Creation setup assistant, where the User details will need to be punched in manually instead of getting them carried over from the assigned user.

Obviously the config works on the older macbook, I cannot figure out what would be so different on the M2 that could prevent that SSO window to come up at the enrollment process.

Does anyone have any idea? 

 

1 REPLY 1

deborah621
New Contributor

For the Pre-fill primary account information setting to work, some form of authentication prior to the setup assistant is necessary. This could be either SSO customization or LDAP “require authentication” to pass user account information and lock it in the setup assistant. If you’re using Jamf Connect, ensure that the Enrollment Customizations configuration and the Jamf Connect Login installer package are correctly set up. The installer packages must be stored at a cloud-based HTTPS distribution point. Confirm that your SSO integration with Jamf Pro is complete and functional. The SSO authentication as part of an Enrollment Customization configuration needs to pass user information to Jamf Connect properly. 

 

Manage Indigo card