While testing ADFS SSO without LDAP integration in my sandbox environment, I discovered only LDAP groups can be used in policy scopes. I'm testing to see if my environment can be made SSO only without LDAP integration but so far, it works fine for Jamf Pro website and device enrollment website but not Self Service if the policy is limited by user group membership. Has anyone else encountered this problem too? I also submitted a feature request at https://ideas.jamf.com/ideas/JN-I-26871 and would like to invite everyone to review it and upvote it if they can.
