![]() Require device to be marked as compliant.Several Conditional Access Grant policies can create unacceptable behavior to access a client device: To eliminate the inaccurate "failed responses" for ROPG, admins must remove any "All cloud apps" scoped requirements for multi-factor authentication and create a custom scope for Jamf Connect login.įollow the guide in Azure_Conditional_Access_and_Jamf_Connect.pdf (source: GitHub) for step by step instructions. The Authentication required column shows “Single-factor authentication” and the Authentication Details show “Invalid username or password or Invalid on-premise username or password.” While the user is required to use Multi-factor authentication, the user failed the first, single factor and thus was never prompted for MFA. ![]() In the second example, a user with MFA required failed to enter their correct password: ![]() In this example, the login was a success - the Result detail shows that the “User did not pass the MFA challenge (non interactive).” This login can be interpreted in that the user was required to use MFA by either a Conditional Access policy or through Azure Multi-factor authentication. Under Authentication Details, the “Result detail” will let an administrator determine if the login was successful or a failure. Clicking on the row will pull up additional details about the login attempt. ![]() Under the “Authentication required” column, the first login says “Multi-factor authentication”. Shown above are two logins which appear to be failures. Navigate to Activity → Sign-ins to open user usage logs. Navigate to Azure Active Directory → Enterprise Applications and select the name of your Jamf Connect application in Azure. CA policy will be applied as expected to the Jamf Connect login application and ROPG check will appear as a successful login in sign-in logs. Verify that no policies are created that apply to "All cloud apps" as to not affect the ROPG workflow.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |