Help

Changing Azure Email address with Jamf Connect Login

Go to solution
juz
New Contributor II

Posted on ‎04-25-2023 06:05 PM

Hello,

I'm searching for a solution to an issue I'm facing with the JAMF Connect Login Process when changing the primary email address.

Our identity provider is Azure. If we attempt to change a users primary address from eg.(john@company.com) to something else like (john.jones@company.com) and make (john@company.com) an alias for this account, Jamf Connect login will make a new account for this user as the new primary address does not correspond to the account previously created.

Is there a way for this user to keep the same account while undergoing a primary address change?

Thank you

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
juz
New Contributor II

Posted on ‎01-18-2024 03:28 PM

This ended up working for me,

dscl . delete /Users/$user dsAttrTypeStandard:NetworkUser
dscl . delete /Users/$user dsAttrTypeStandard:OIDCProvider
dscl . delete /Users/$user dsAttrTypeStandard:OktaUser
dscl . delete /Users/$user dsAttrTypeStandard:AzureUser

View solution in original post

0 Kudos
6 REPLIES 6

Go to solution
AJPinto
Honored Contributor II

Posted on ‎04-26-2023 04:56 AM

MacOS has no idea what JAMF Connect is doing, macOS just sees a userID and creds getting fed to it. If the userID does not match an existing userID on the device, macOS is told to create a new account. Honestly, I don't think there is a solution to your situation beyond scripting migrating the users files to the new profile.

0 Kudos

Go to solution
bwoods
Valued Contributor

‎04-26-2023 07:53 AM - edited ‎04-26-2023 07:55 AM

I think you can just uninstall jamf connect > deploy a profile with migration enabled > reinstall jamf connect. The next time the user attempts to log in, jamf connect login will ask you to migrate one of the local accounts. You may also need to remove any jamf connect keychains on the system as well. (Just use the uninstaller.app) This is all in theory though.

0 Kudos

Go to solution
bwoods
Valued Contributor

Posted on ‎04-26-2023 07:54 AM

bwoods_0-1682520864911.png

 

0 Kudos

Go to solution
juz
New Contributor II

Posted on ‎01-18-2024 03:28 PM

This ended up working for me,

dscl . delete /Users/$user dsAttrTypeStandard:NetworkUser
dscl . delete /Users/$user dsAttrTypeStandard:OIDCProvider
dscl . delete /Users/$user dsAttrTypeStandard:OktaUser
dscl . delete /Users/$user dsAttrTypeStandard:AzureUser
0 Kudos

Go to solution
alexac
New Contributor
In response to juz

Posted on ‎02-21-2024 12:12 PM

I'm running into a similar issue while testing UPN changes. Did you have to run those commands on the old account and then have the user sign back in through the Jamf connect login window for the migration options to show?

0 Kudos

Go to solution
juz
New Contributor II
In response to alexac

Posted on ‎02-21-2024 02:03 PM

correct

0 Kudos