Jamf Connect is a Mac device authentication solution, that lets a user unbox their device, power it on and access all of their corporate applications and resources after signing on with a single set of cloud identity credentials.
N/A
Microsoft Entra ID
Score 8.9 out of 10
N/A
Microsoft Entra ID (formerly Microsoft Azure Active Directory or Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.
Jamf Connect works particularly well in our lab environments where the central "source of truth" for student accounts is our Okta IdP. As Apple has recommended moving away from Active Directory binding (which was our previous source of truth for authentication) we needed a new central way to manage this function. Okta worked well for other services on campus, and it was a smooth integration to make it work with Jamf Connect for virtually all use cases on campus (we still have a couple of NAS/SAN systems that require Active Directory).
If you have a mixed solution, such as different types of devices with different types of operating systems, it could be more complicated. But if you have already decided that your company will be a Microsoft company in terms of everything internally running with Microsoft software, like the operating system, Windows 11, then this is probably the best way to use it. So if you have mixed or hybrid solutions or scenarios, maybe it's not exactly what you mean.
Many people at our company work remotely, including the sales and procurement teams. So people usually travel from one country to another country. Some people travel to Australia or some people travel to Canada based on the business requirements. So we usually audit the sign-in logs and verify whether the user is valid while they're using our company's email ID to perform their day-to-day operations.
I say "cost" on a per-user basis for smaller organizations, which is why Microsoft has small-business programs. I'm trying to figure out if anything is uniquely gripping. I guess transitions to and from, but to be honest, that's where we live. The difficulty of adopting Microsoft Entra ID when you didn't start there as an organization is a little bit sizable, but that's the case with any identity provider. It's not anything endemic to Microsoft Entra ID. It works. It's efficient.
It is almost a certainty that we will continue to use Jamf Connect, even with Apple coming out with Platform Single Sign On. Jamf Connect provides several features that PSSO does not, such as "just in time" local account creation and automatic synchronization of enterprise credentials. It is unlikely that we would investigate other options at this time or in the near future.
MSFT Entra ID has been essential for managing our geographically dispersed team. We're confident that it will scale with us as grow, and we'll be able to take advantage of additional security and ID management features as they become necessary. Being able to centrally manage our user access from anywhere with a small support team is such a relief.
Jamf Connect is quite easy to use and has the necessary options on the login screen (such as WiFi network connection) for getting connected and authenticated. It has a simple to use menulet that allows password changes and resets as well as temporary elevation, all with very clear workflows. It also allows us to assign field staff to their client users' computers so that they can provide support without having to resort to LAPS accounts.
Simply because of what I mentioned earlier, the feature set sort of keeps changing and they do a lot of, they integrated with a lot of the other tools and so for users who are not as well seasoned, it may be a little bit more complicated for them to begin working within the tool.
I have not needed to engage support for anything at this time. I have been able to find the answers either online or in a knowledgebase. I tried to skip the question but it would not let me, so I rated a 9 based on other interactions with Microsoft support I have had
Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.
The only other product we evaluated was Xcreds from TwoCanoes software, which is essentially a one person shop. We already were Jamf Pro customers, and Jamf Connect fulfilled all of the requirements for this function along with providing professional customer support. Since we already had a relationship with Jamf, it made perfect sense to add this product to our toolkit, and keep technical support contained within one organization.
Microsoft Entra ID is not as stand-alone product as competitors like Okta. It may lack some of the features that competing products have but on the other hand it integrates both technically and license wise with other Microsoft cloud services and is easy to deploy. It is also the easiest way to extend identity management to the cloud if you already have Microsoft Active Directory in use.
Microsoft Professional Services' technical knowledge is appreciable as consultants design the solution as per customer requirements. Mapping of features per user specifications and assisting Customer IT engineers to implement so they can manage and administer the services.
I think managing costs was probably the biggest one as a nonprofit. We're always worried about the financial impact that any product can have. And as licenses change or they are shut down, migrating to the proper product without going over budget is always something we are concerned about. But for the most part, it's been positive. Microsoft works for us as nonprofits to make sure that we get very fair pricing.
