Hello!
Our organization uses Intune for our standard MDM (iOS and Android devices), and has just recently purchased Jamf for macOS management.
I'm working on getting everything working with the Intune connector, and running O365 apps (Teams, Outlook, Office, Skype) on our Macs. However, I'm having kind of a rough end user experience.
I made a smart group for the initial Intune Integration trigger once devices have started their FV2 encryption, so that devices show up in Intune as being compliant right off the bat. Once the users sign into Company Portal, they're taken to the Jamf AAD integration, and are prompted for 2FA (in our environment, this is done when registering a device with AAD). Once they're totally enrolled, it seems to work fine; a user can launch Outlook and sign in to get mail without issue.
However... there are an absurd number of login prompts. There are prompts to log in to each app category (log in to Outlook, log in to Teams, log in to Office, log in to Skype), then there are keychain login prompts for each app (I've found these can be suppressed by just clicking "Always Allow" rather than "Allow"), then there are occasional re-logins in the communication apps (Outlook and Teams), and in our environment there are auto-discovery redirect logins in Outlook.
It's frustrating to say the least...I'm wondering a few things...Is this an issue that everyone has seen/encountered? Is it an issue with our environment? Or Jamf? Or Microsoft? Or a combination of all 3?
I'm planning to do a fresh build tomorrow and capture some screenshots and get a count of how many prompts a user actually gets for credentials. It's also worth noting we haven't set up our SAML/OpenAM integration yet, so I'm wondering if that could also help...