Help

JAMF PRO - 11.16.0 New Feature - Support for onPremisesExtensionAttributes for Microsoft Entra ID

gmihailo
New Contributor III

Posted on ‎04-22-2025 05:17 PM

Has anyone worked out how to actually use this new feature? I'm particularly interested to see whether this feature could pass the onpremisessamaccountname into jamf connect using a variable finally without having to add any optional claims.

In short I want to pass the onpremisessamaccount name to jamf connect so that it creates a local account using the shortname that i also want to use for kerberos authentication (both of these desires at the moment require significant hoops to jump through).

 

I was expecting there would be additional fields available on the Entra Identity Provider Page in Jamf Pro  under 'mappings' however it still looks the same to me.

 

Second to that has anyone actually figured out how to actually pass these onPremisesExtensionAttributes into Jamf Pro yet? I'm so glad that Jamf Pro is providing some additional features that will help us blend on premises envirotnments more easily. Now I just need to figure out how to use them :)

 

Any help would be appreciated :) 

 

https://learn.jamf.com/en-US/bundle/jamf-pro-release-notes-current/page/New_Features_and_Enhancement...

Reply
3 REPLIES 3

lukasz_slodziak
Contributor III
Contributor III

Posted on ‎04-23-2025 03:44 AM

Hi @gmihailo, onPremisesExtensionAttributes is a property that can be mapped to in Jamf Pro. So if you navigate to your Entra ID integration and go to the Mappings tab, you can use onPremisesExtensionAttributes as a value in the available text fields. However, per the documentation, onPremisesExtensionAttributes contains 15 properties inside it and you need to specify which one you want to be mapping to. In order to do that you need to use the dot notation, for example: onPremisesExtensionAttributes.extensionAttribute1 or onPremisesExtensionAttributes.extensionAttribute2 etc.

Here's an example how to do it on the Mappings tab in the Position field:

Screenshot 2025-04-23 at 12.31.11.png

 

 

 

 

 

 

 

 

 

 

 

Separately, please note that onPremisesSamAccountName is also a supported mapping in Jamf Pro.

Reply

gmihailo
New Contributor III
In response to lukasz_slodziak

Posted on ‎04-23-2025 03:48 AM

Thank you for responding.

Can these onprem extension attributes also be used as User Attributes in Jamf Pro and if so can they also be passed as variables to Jamf Connect Login / Menu Bar?

0 Kudos
Reply

lukasz_slodziak
Contributor III
Contributor III

Posted on ‎04-23-2025 07:53 AM

I have reached out to my colleagues to confirm the details and it appears that the actual answer is, it depends! It is not possible to use it for the enrollment customization, but it should be possible to push the information to Jamf Connect for everyday Jamf Connect use after the device has been enrolled.

Hope this helps, but please do not hesitate to reach out to our Customer Support team with further questions. Thank you!

0 Kudos
Reply