Jamf Connect is a great product but what seems an annoyance to some is now gone in version 2.6.
Prior to 2.6 when using Azure (at the Jamf Connect login you entered your MS login ID, your password and then you would be asked to verify the password again to get into your Mac which did not seem a great UX and users could not understand why and they really do not like repetitive password entries. In 2.6 Jamf have added passthrough
“Passthrough authentication with Jamf Connect allows the password entered by users in the login window web view to be sent to Jamf Connect for local authentication”
https://docs.jamf.com/jamf-connect/2.6.0/documentation/Passthrough_Authentication.html
As a Jamf customer when I heard this might be coming I started signing up for Jamf Connect Betas and in beta 2.6 it was introduced and we had up and running in 10 minutes.
All it takes to add the passthrough is one extra key and value in your Profile config.
Just add
<key>OIDCUsePassthroughAuth</key>
<true/>
<key>OIDCNewPassword</key>
<false/>
Such a simple change to implement but makes a whole load of difference to the users.
If you use Google Cloud ID this is also available and I suspect other IdP will follow.
Now jamf, please can you make the password change consistent when a user is on-site or connected to VPN and we are using Kerberos and not when on onsite/VPN as it changes between a direct AD password or your cloud providers web-based version. I would really like the ability to overrule the on-site/VPN to use the cloud version, again for a consistent user experience.
