/
UConn Jamf Self-Service: Device Compliance Installation Guide (macOS)

UConn Jamf Self-Service: Device Compliance Installation Guide (macOS)

This guide provides UConn faculty, staff, and students with a step-by-step walkthrough to set up a UConn-managed Mac that uses Jamf Connect for login authentication, Microsoft Intune for device compliance, and Duo for two-factor authentication. This ensures access to UConn resources such as Microsoft 365, VPN, Wi-Fi, and internal systems.

Prerequisites

  • UConn-issued Mac (macOS Ventura or later)

  • Internet connection

  • Duo Mobile enrollment for NetID

  • Valid UConn Microsoft 365 credentials (NetID@uconn.edu)

Part 1: Log in Using Jamf Connect

1. Power on your device

On the login screen, enter your full UConn email address and click Next.

image-20250528-184457.png

2. Enter your UConn password

Use your NetID password. Click Sign in.

image-20250528-184516.png

3. Complete Duo authentication

When prompted, approve the Duo request using your enrolled mobile device. Alternatively, enter the 3-digit code shown on screen into Duo Mobile.

image-20250528-184530.png

4. Confirm ownership (Duo prompt)

Select “Yes, this is my device” when prompted.

5. Grant keychain access

When prompted to allow Jamf Conditional Access to use the Microsoft Workplace Join Key, enter your Mac login password and click Always Allow.

You are now logged in and your Mac is linked to your UConn identity.

Part 2: Register Device for Compliance Using Company Portal

6. Launch Self Service

Open the Self Service app from the Applications folder. Search for “company”.

7. Install the required apps

Install:

  • Microsoft Intune Company Portal

  • UConn – Device Compliance Registration

8. Launch Company Portal

Open the Company Portal and click Sign in. Use your UConn email and password.

9. Finalize registration

Follow the prompts to register your Mac. You should reach a screen that says “You’re all set!” Click Done.

10. Confirm enrollment status

In the Company Portal, your device should be listed as:

“This device is enrolled with Jamf Device Compliance.”

 

Additional Info:

If this appears, enter your device’s password and hit Always Allow or Allow.

 

FAQ

What if I'm offline?

If your Mac has been signed into before, you can use Local Login to authenticate with cached credentials.

What if Duo is not available?

You will not be able to complete sign-in. Make sure your Duo Mobile device is charged and connected.

When does FileVault enable?

FileVault is enabled automatically by policy. It typically activates after the second login/logout cycle post-enrollment.

Can multiple users access the same device?

Yes. FileVault allows multiple users to unlock the disk. However, the first user must complete initial disk unlock after boot.

Will biometric login work?

Yes, Touch ID works unless:

  • The Mac was shut down (requires FileVault unlock)

  • The device was idle for more than 48 hours