Jamf Connect Configuration

Jamf Connect Configuration is an app that allows administrators to automatically configure and create computer configuration profiles for Jamf Connect apps. You can use Jamf Connect Configuration to do the following:

  • Select and specify Jamf Connect preferences.

  • Test configurations.

  • Save configuration profiles, which you can install locally or upload for deployment with an MDM solution.

  • Open an existing Jamf Connect configuration profile.

Note: To successfully configure Jamf Connect, you must first integrate with your cloud identity provider (IdP). For instructions, see Integrating with an Identity Provider.

Creating a Configuration Profile

You can create a configuration profile for Jamf Connect using the setup assistant. The setup assistant can generate a configuration profile that includes the minimum keys needed to use Jamf Connect with your IdP. After using the setup assistant, you can either immediately save the configuration profile or configure additional settings.

Using the Setup Assistant

  1. Open Jamf Connect Configuration.

  2. Click New.

  3. Do the following in the Setup Assistant window:

    1. Choose your cloud identity provider (IdP) from the Identity Provider pop-up menu. Your IdP's required settings will display.

    2. Configure the required fields for your IdP.

      Note: Required keys vary based on your IdP.

  4. After configuring required settings, you can do one of the following:

    1. Click Save to generate and save a configuration profile.

    2. Click Advanced Setup to configure additional settings.

Configuring with Advanced Setup

Advanced setup includes additional settings that allow you to further customize and configure Jamf Connect for your organization. You can use advanced setup to open and modify settings in an already existing configuration profile or after completing the setup assistant steps.

Important: If you open an existing configuration profile with keys that are currently unsupported in the Jamf Connect Configuration UI, these keys will be automatically removed.

Identity Provider

The following settings can be configured on the Identity Provider pane:

  • Required Settings—You can change the required settings for your IdP. If you used the setup assistant to create your configuration profile, the set values will display.

  • Okta-Only Settings—If Okta is your IdP, you can specify the client IDs of any Jamf Connect Login apps you have created in the Okta admin dashboard. Creating OIDC apps for Jamf Connect Login allows for additional control of user creation on computers. For more information, see Configuring Jamf Connect Login with Okta.

  • Advanced OpenID Connect (OIDC)—Advanced settings allow for configuring a custom IdP or additional values, such as a tenant and client secret, in the configuration profile.

Login

The following settings can be configured on the Login pane:

  • User Creation—These settings determine how the user is created on the computer.

  • Appearance—Display custom images on the login screen.

  • Help—Specify a Help URL, log, or file that users can access in the login window.

  • Script—Specify the path to a script or other executable and script arguments.

  • End User License Agreement (EULA)—Display a EULA window that users must accept before logging in.

    Note: You must also enable the Jamf Connect Login EULA and RunScript mechanisms before configuring EULA or script settings. For instructions, see Additonal Mechanisms.

Sync

The following settings can be configured on the Sync pane:

  • General Settings—These settings include password and keychain management settings.

  • Kerberos—You can enable and configure Kerberos authentication.

Verify

The following settings can be configured on the Verify pane:

  • Fail Tool Path—You can specify a path to a custom tool to use on password failure.

  • Password—Configure how often the local and network passwords are verified and URLs for changing and resetting passwords.

  • KerberosYou can enable and configure Kerberos authentication.

Testing your Configuration Profile

You can use Jamf Connect Configuration to test your configuration profile before exporting. Complete the following to test your configuration:

Testing an OIDC Connection

  1. Click OIDC Test. Your IdP's login window should display.

  2. Log in with a valid username and password that has been assigned Jamf Connect Login in your IdP's admin console, portal, or a similar tool. One of the following will occur:

    • If you successfully log in, your configuration is working and ready to save.

    • If you are unable to log in, your configuration needs additional settings or contains errors. Review your settings and repeat the testing process.

  3. Click Save to create your configuration profile.

Testing an Okta Connection

  1. Click Okta Test. The Okta AuthServer Test window should display.

  2. Enter a valid username and password and click Sign In. One of the following will occur:

    • If you successfully log in, your configuration is working and ready to save.

    • If you are unable to log in, your configuration needs additional settings or contains errors. Review your settings and repeat the testing process.

  3. Click Save to create your configuration profile.

Uploading a Configuration Profile to an MDM solution

You can upload configuration profiles locally or to an MDM solution.

Note: If using Jamf Pro, you must sign the configuration profile before uploading.

For information about uploading configuration profiles to Jamf Pro, see the following resources:

Preferences

The following preferences are available for Jamf Connect Configuration:

  • Sign Mobile Configuration on save—Require all configuration profiles be signed by a certificate before they are saved. This preference is disabled by default.

  • Enable App Analytics—Allow Jamf to collect app analytics. This preference is disabled by default.

    Note: This setting requires a computer restart to be enabled.

Related Information

For related information about configuring Jamf Connect, including all available preference keys, see the following sections of this guide:

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.