About Jamf Connect

The login window is an authorization plug-in that modifies the default macOS login process and login window UI.

The network login window for Azure.

A user's local login displays with a password field and a button with a phone icon for singing in with Unlock. The Enable Jamf Unlock switch appears at the bottom of the screen if the user is paired with Jamf Unlock.

The login window can perform the following tasks on computers:

• Enable authentication to the Mac with a cloud identity provider (IdPs)

• Enforce multifactor authentication (MFA) requirements

• Create local accounts during an Apple provisioning workflow

• Enable FileVault

• Link a user's network account with an existing local account

• Convert a mobile account into a local account (demobilization)

• Display custom branding, including a custom background

For more information about end user experiences, see End User Experience and Workflows.

The menu bar app helps users manage their network and local passwords.

The menu bar app can perform the following tasks:

• Continuously keep local and network account passwords in sync

• Retrieve Kerberos tickets, if a Kerberos realm is specified

  Note:

  Computers must be connected to an on-premise Active Directory domain controller during Kerberos authentication.

• Pair a Mac computer with a mobile device that has the Jamf Unlock app installed.

• Sync keychain item passwords with a network account

• Run scripts automatically or on a specified schedule

• Configure access to file shares

• Configure custom actions

• Display custom branding