How Faculty and Staff Sign Into macOS with JAMF Connect

Tags MacOS JAMF

Starting in the Spring 2024, all new macOS computers managed by UMS:IT will use a new process to log in. In past years, users would log in with a local account that may not match their UMS username and password. This has been a security risk as the passwords do not change and users would need to remember multiple passwords. UMS:IT will now use a tool called JAMF Connect to log into the workstation with a user's full UMS email address and UMS password.

Detailed Information

  • Users accessing the new login process will be presented with the familiar blue Maine background and a UMS branded Microsoft login window overlaying the old login window.
    • A branded login box with UMS logo on macOS using JAMF Connect.
  • Users simply need to use their FULL UMS email address, example@maine.edu, to and click next.
  • If it is a valid account in the UMS Azure tenant, it will display a branded UMS login page, asking the user for their UMS password.
    • Microsoft login window with JAMF Connect, prompting for a password.
  • Please note, logging in with any non @maine.edu address will take the user back to the login page and will disallow the user to log in.
  • If a user has Duo MFA enabled, they will be prompted with a Duo MFA screen after attempting to log in with their password. 
  • The user will be taken to a desktop and a local account will be create for this session.
  • On logout, the account will be deleted.
    • Some UMS:IT computer speciality labs will not remove user profiles to upon logout, per the request of that that campus.

  • Troubleshooting

  • A user changes their password and is logging into a machine that keeps the user accounts.
    • Users will log in with their new UMS password, but will be prompted with a JAMF Connect login window to update their local account password.
    • If this fails, users can submit a ticket to IT to have their local account on the workstation removed and a new profile will be created on next login.
  • A user forgot to type in @maine.edu.
    • One of two actions will occur, a notice will displayed that the user could not be found, type in the full email address to continue.
    • Or the login screen goes blank and will not allow the user to sign in. Clicking the refresh button at the bottom will force the window to refresh and accept new logins.
  • A user tried to sign in with their personal Microsoft account or one belonging to another organization.
    • The user will be prompted for their personal password, but signing in will take the user back to the initial log in screen.
    • ONLY UMS Microsoft accounts with the @maine.edu domain will allow the user to sign in.
  • A user's primary account for signing into the services is their Aux UMS account or their account hasn't been synced to Azure.
    • Submit a ticket to IT to verify and manually sync your account.

  • Environment

  • All UMS-Managed macOS computers, computer labs, and some non-UMS:IT computer labs set up in coordination with UMS:IT.
  • All managed macOS clients will be running macOS 12.x thru 14.x
Print Article

Details

Article ID: 139800
Created
Tue 2/27/24 9:38 AM
Modified
Wed 7/17/24 9:50 AM
Applies To
Students
Faculty
Staff