State Settings and User Status
You can track app and user status settings via Jamf Connect's state settings. These settings are stored in the com.jamf.connect.state preference domain and include the following:
-
User information—User attributes, such as a user's display name from the cloud identity provider (IdP) and their email address.
-
Password information—Details about a user's password settings, such as their password expiration date or password complexity requirements found in Active Directory.
-
App information—Details about Jamf Connect processes, such as if the app has been opened by the user and timestamps of the last sign-in or app notification.
To read Jamf Connect state settings on a computer, execute the following command:
defaults read com.jamf.connect.state
Keep the following in mind when viewing Jamf Connect state settings:
-
State settings should not be configured or edited by users. Manual changes to these settings may cause unintended behavior in Jamf Connect.
-
State settings are obtained from your organization's cloud identity provider (IdP) or Active Directory domain. Values that cannot be found by Jamf Connect will not be available in the state settings preference domain.
Jamf Connect Extension Attributes
If you use Jamf Pro, you can use Jamf Connect extension attribute templates to collect Jamf Connect data from computers using Jamf Pro. Jamf Connect extension attribute templates collect data from the Jamf Connect state settings on computers.
For instructions on creating an extension attribute from a template in Jamf Pro, see the Computer Extension Attributes section in the Jamf Pro Administrator's Guide.
Jamf Connect State Settings
The following table contains all the available Jamf Connect state settings.
Important: Jamf Connect state settings should not be configured or edited. Manual changes to these settings may cause unintended behavior in Jamf Connect.
|
Key |
Description |
|
ADExpiration |
The date the user's network password expires |
|
DisplayName |
The full name of the user in your identity provider (IdP) |
|
ExpirationWarningLast |
A timestamp of the last password expiration notification |
|
FirstRunDone |
A boolean value that confirms whether a user has opened Jamf Connect at least one time |
|
LastCertificateExpiration |
A timestamp of when the last Windows CA certificate will expire for the user |
|
LastSignIn |
A timestamp of the last successful sign-in with Jamf Connect |
|
PasswordLength |
A network password length requirement found for the user |
|
PasswordCurrent |
A boolean value that confirms whether the user's network and local passwords are in sync. |
|
UserEmail |
The user's email address |
|
UserFirstName |
The first name of the user |
|
UserGroups |
Group membership of the user in your identity provider |
|
UserLastName |
The last name of the user |
|
UserLoginName |
The network username of the last user to sign in with Jamf Connect on the computer |
|
UserShortName |
The short name of the user |
|
CustomShortName |
A short name that was entered by the user via the AskForShortName preference in Jamf Connect. |
|
UserUPN |
The UPN of the user |
|
UserCN |
The CN of the user. This value only appears if Kerberos is configured with Jamf Connect. |
|
ComputedPasswordExpireDate |
The date the user's Active Directory password expires. This value only appears if Kerberos is configured with Jamf Connect. |
|
UserPasswordSet |
The date the user last set a new password. This value only appears if Kerberos is configured with Jamf Connect. |
|
UserHomeDirectory |
The home directory of the user. This value only appears if Kerberos is configured with Jamf Connect. |