Local Account Creation after Automated Device Enrollment

The following describes a typical user experience when your MDM solution deploys Jamf Connect immediately following an Automated Device Enrollment (formerly DEP) workflow:

• If Okta authentication is used, Jamf Connect's user interface displays. If OpenID Connect authentication is configured, a web view with your IdP's login screen displays.

• If required by your IdP, the user may be prompted with multifactor authentication (MFA) challenge on another device.

1. The user follows on-screen steps to complete Apple's Setup Assistant and enroll the computer in MDM.

2. When the Jamf Connect login window displays, the user must log in with their network username or password.

   

   Notes:

   • If Okta authentication is used, Jamf Connect's user interface displays. If OpenID Connect authentication is configured, a web view with your IdP's login screen displays.

   • If required by your IdP, the user may be prompted with a multifactor authentication (MFA) challenge on another device.

3. (OpenID Connect only) Depending on the Create a Separate Local Password (OIDCNewPassword) setting configuration, the user will be prompted to do one of the following:

   • If enabled, the user is prompted to create a password for their new local account.
     

   • If disabled, the user is prompted to re-enter their network password for their new local account. This ensures that a user's network and local password are synchronized during the account provisioning process.
     

4. The user clicks Create Account.

The computer completes the setup process and loads the Finder.