Adding IBM Cloud Identity to the Jamf Connect mix
Before going into some time off, and probably not touching any Jamf Connect related stuff for 2 weeks, let’s have a look at another iDP: IBM Cloud Identity.
This is going to be a shorter post compared to other Jamf Connect related blogs, as I managed to get everything working nicely. I had a small ROPG roadblock but was able to fix it. See below.
Start point: https://docs.jamf.com/jamf-connect/1.1.2/login/administrator-guide/IBM_Cloud_Identity.html
NOTE: I'll try to you some time here mentioning the fact that when you go through the setup of the OIDC app in IBMCI, you need to configure it as "Public Client (no client secret)". Saving the app following the instruction above by default creates it WITH a secret, and while I was able to deploy Jamf Connect, it actually broke ROPG. Setting the "OIDCNewPassword" key to false to validate the password gave me "incorrect password" when trying to create the user account.
The logs gave me: "ROPG Error: CSIAQ0160E A confidential client attempted to access the token endpoint without authenticating."
Changing the app setup in IBM to Public fixed it.
NOTE: I also had an issue with trying to deploy Jamf Connect Login with IBMCI on a virtual machine. While it works fine with other iDP's, I ran into issues loading the webview of the IBM login screen on a VM. Logs gave me: Logs: SecurityAgent: (JamfConnectLogin) [com.jamf.connect.login:UI] OIDC webview load failed.
Continue reading “Jamf Connect Login and IBM Cloud Identity”
This flashes the login screen briefly but then shows the "unable to contact the Identity Provider screen".
However, I assume this is only a VM hickup, as it all works fine on a physical machine.
The same as other Jamf Connect iDP deployments, yet different.
I know, it’s only a few days since I discussed deploying Jamf Connect Login with OneLogin, but as many people are using Jamf Connect with different iDP’s, let’s quickly have a look at another one: Google Cloud Identity.
Before taking it out for a spin, have a look at the admin guide here. As with all other iDP’s and Jamf Connect, the idea is to create an app in Google Cloud, and configure Jamf Connect via a config profile or custom settings plist.
However, Google is a bit different compared to other iDP’s and there are a few things I’d like to highlight before we have a look at the deployment.
Continue reading “Jamf Connect Login and Google Cloud Identity”
Another iDP tested with Jamf Connect Login
NOTE: I was told that configuring Jamf Connect with a OneLogin instance hosted in the EU does not work. See comments from Martin below. I presume this is an issue with the End Point Jamf Connect uses. Setting the OIDCProvider to "OneLoginEurope" does not work either.
Solution: set OIDCProvider to "Custom" and add the "OIDCDiscoveryURL" which you'll find here: https://developers.onelogin.com/openid-connect/api/provider-config
Hi all, it has been a while since I posted another topic. Things got a bit busy, and I’ve been struggling fixing things with both ADFS and Okta in Jamf Connect. I still have some remaining roadblocks to tackle on those and will try to update those issues I mentioned in my 2 previous posts ASAP. But in the meantime, let’s have a look at another iDP integration in Jamf Connect: OneLogin.
Trying this one out was actually a relatively smooth ride, although I’m facing one minor issue which I’ll discuss at the end of this post.
So Jamf Connect and OneLogin, let’s have a look.
Continue reading “Jamf Connect Login and OneLogin (and Secure Tokens”
And oh yes… I’m adding something about Secure Tokens as well..
Jamf Doubles Down in Education, Acquiring ZuluDesk, a Leading Apple Education Technology Solution
Yes, you read that right! Zuludesk is now part of the Jamf family!
Exiting news because, where until recently Jamf and Zuludesk were competitors (read: more specifically in the world of Education), forces have now been combined!
At this moment, I don’t have any additional information to share outside the public press release but I’m sure this acquisition and combined forces will bring an exciting new future for the world of macOS and iOS management!
For now I just wanted to help spreading this awesome news! Stay tuned for more. Exciting times ahead!