Known Issues

As part of our ongoing effort to ensure that content we publish is meaningful, the known issues list includes only high-impacting issues that meet the minimum requirements for Jamf Connect.

Bold formatting indicates newly included issues.

Jamf Connect Configuration

The following issue is known in Jamf Connect Configuration:

[PI-007810] When "GoogleID" is selected in the Identity Provider pop-up menu, some of the required keys to configure Jamf Connect with Google Cloud ID are missing.
Workaround: In the "Advanced OIDC" section, enter a redirect URI in the OIDC Redirect URI field.

Jamf Connect Login

The following issues are known in Jamf Connect Login:

  • [PI-007042] Sudo authentication with the pluggable authentication module (PAM) fails when integrated with Microsoft Azure AD.

  • [PI-007101] When using Google ID for authentication, a prompt for new users who are required to enroll in multi-factor authentication (MFA) is not displayed.

  • [PI-007225] Jamf Connect Login uses the "groups" attribute in the user's ID token by default for all cloud identity providers (IdPs) when determining if a user should be created as a local admin.
    Workaround: Use the OIDCAdminAttribute preference key to change the ID token attribute used to create local admins as needed. If your IdP is Microsoft Azure AD, for example, set this key to "roles".

  • [PI-007246] After changing their network password in the Azure Portal, users are not prompted to update their local account password to match their new network password during their next log in, which may fail.
    Workaround: Log in with local authentication, if enabled, using the old password, and then allow Jamf Connect Verify to sync the network and local passwords.

  • [PI-007341] When PAM authentication and Duo MFA are enabled for Okta users, the Duo MFA window does not correctly display.

  • [PI-007551] Executing the authchanger -reset binary command prevents the FileVault password reset process from accepting new passwords.

  • [PI-007580] On macOS 10.15.0 or later, the default shell for users created by Jamf Connect Login is set to bash.

  • [PI-007581] When used with Jamf Connect Sync, the UserLoginName value is sometimes not preserved after a user’s first logout, causing the user’s username to be missing from the Jamf Connect Sync login menu bar.

  • [PI-007651] When Jamf Connect Login is configured with Okta and the DenyLocal and Migrate preference keys are set to true, DenyLocal is not enforced and users can log in with any local account credentials.

Jamf Connect Sync

The following issues are known in Jamf Connect Sync:

  • [PI-007085] When an end user's Okta password is changed in the Okta Dashboard, Jamf Connect Sync may not prompt the end user to re-sync their new Okta password with their local password.
    Workaround: Quit Jamf Connect Sync, and then open and sign in to the app again.

  • [PI-007088] When "Automatically push last MultiFactor" is enabled and an end user's password is changed in the Okta Dashboard, signing in to Jamf Connect Sync with the new password may cause the the MFA push to stall.

  • [PI-007242] Jamf Connect Sync fails to display security question MFA prompts to users.

  • [PI-007581] After logging in with Jamf Connect Login using local authentication, Jamf Connect Sync may no longer display the user's username in the Jamf Connect Sync menubar, which prevents the app from using the Jamf Connect Sync keychain item for authentication.
    Workaround: Prohibit local authentication by setting the DenyLocal preference key.

  • [PI-007628] When a user’s password is changed outside of the Jamf Connect Sync application, a password change prompt appears with the password autofilled instead of the username.

  • [PI-007719] When connected to a network without an internet connection, Jamf Connect Sync unexpectedly attempts to check in with Okta, and then deletes its keychain item after the check in fails.

Jamf Connect Verify

The following issues are known in Jamf Connect Verify:

  • [PI-007284] When file shares are configured with Jamf Connect Verify and Time Machine backups are configured and stored on a Time Capsule, Jamf Connect Verify will crash when Time Machine runs.

  • [PI-007628] When a user’s password is changed outside of the Jamf Connect Verify application, a password change prompt appears with the password autofilled instead of the username.

  • [PI-007694] Jamf Connect Verify may fail to update the login keychain password.

  • [PI-007706] Jamf Connect Verify cannot auto mount more than one file share at a time.

  • [PI-007723] The Self Service menu bar item cannot open a custom file path that contains spaces.

  • [PI-007725] Jamf Connect Verify does not respect the MenuIconActive preference key.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2020 Jamf. All rights reserved.