Existing Local Account Migrations

Jamf Connect can connect existing local user accounts to IdP user accounts using the User Migration setting. The following steps describe the user experience a user should experience when User Migration is enabled.

  1. After Jamf Connect is installed, the macOS login window is replaced with the Jamf Connect login window.
    Azure IdP Network login window with Shut Down, Restart, Local Login, and Refresh buttons at the bottom and a step indicator at the top with Authenticate and Verify steps.

    The Azure IdP login window.

  2. The user logs in with their network account credentials.

  3. (Optional) If MFA is configured, the user is prompted to select and complete the challenge. The appearance may vary depending on which IdP you are using and how MFA is configured.

  4. If the user's network short name does not match an existing local short name, the user is prompted to select a local account to connect to the network account. If the network short name matches an existing local short name, this step is automatically skipped.
    Connect local account migration screen where a user selects a local account to connect with their network account.

  5. If the local account password matches the network account password, the user is logged in. If the passwords do not match, Jamf Connect prompts the user to sync them.

  6. The local user account password is synced with the network password, and the user is logged in. Jamf Connect adds the network username as an alias to that local account.