Known Issues

As part of our ongoing effort to ensure that content we publish is meaningful, the known issues list includes only high-impacting issues that meet the minimum requirements for Jamf Connect.

Jamf Connect Login

The following issues are known in Jamf Connect Login:

  • [PI-006829] When Jamf Connect Login is integrated with Microsoft Azure AD and ADFS (Active Directory Federated Services), local password and account creation fail.

  • [PI-006872] The Jamf Connect login window is not centered on-screen when the computer is connected to an external monitor.

  • [PI-007042] Sudo authentication with the pluggable authentication module (PAM) fails when integrated with Microsoft Azure AD.

  • [PI-007101] When integrated with Google ID, a prompt for new users who are required to enroll in multi-factor authentication (MFA) is not displayed.

  • [PI-007225] Jamf Connect Login uses the "groups" attribute in the user's ID token by default for all cloud identity providers (IdPs) when determining if a user should be created as a local admin.
    Workaround: Use the OIDCAdminAttribute preference key to change the ID token attribute used to create local admins as needed. If your IdP is Microsoft Azure AD, for example, set this key to "roles".

  • [PI-007246] After changing their network password in the Azure Portal, users are not prompted to update their local account password to match their new network password during their next log in, which may fail.
    Workaround: Log in with local authentication, if enabled, using the old password, and then allow Jamf Connect Verify to sync the network and local passwords.

  • [PI-007254] When integrated with Okta, login may fail when user migration is enabled with a one-time password (OTP) MFA method.

  • [PI-007341] When using the pluggable authentication module (PAM) with Okta and Duo multi-factor authentication (MFA) is required for the user, Duo MFA prompts do not display and prevent authentication.

  • [PI-007341] When PAM authentication and Duo MFA are enabled for Okta users, the Duo MFA window does not correctly display.

  • [PI-007355] When creating a new local account based on an Azure AD username formatted as, the new local account user name is created as "John JohnDoe".
    Workaround: After account creation, navigate to System Preferences > User Groups, and right-hand click the user to access the Advanced Options window and change the username.

Jamf Connect Sync

The following issues are known in Jamf Connect Sync:

  • [PI-007085] When an end user's Okta password is changed in the Okta Dashboard, Jamf Connect Sync may not prompt the end user to re-sync their Okta password with their local password.
    Workaround: Quit Jamf Connect Sync, and then open and sign in to the app again.

  • [PI-007088] When "Automatically push last MultiFactor" is enabled and an end user's password is changed in the Okta Dashboard, signing in to Jamf Connect Sync with the new password may cause the the MFA push to stall.

  • [PI-007242] Jamf Connect Sync fails to display security question MFA prompts to users.

Jamf Connect Verify

The following issues are known in Jamf Connect Verify:

  • [PI-007220] When Kerberos authentication is enabled, Kerberos tickets are not automatically obtained on initial log in, if a keychain item for Jamf Connect Verify does not exist.

  • Workaround: After signing in, click Kerberos Tickets in the Jamf Connect Verify menubar. If using Jamf Connect Login to provision users, set the CreateVerifyPasswords preference key to true, which will create a keychain item for Jamf Connect Verify.

  • [PI-007284] When file shares are configured with Jamf Connect Verify and Time Machine backups are configured and stored on a Time Capsule, Jamf Connect Verify will crash when Time Machine runs.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.