Local and Network Authentication Management Settings

Jamf Connect Documentation

Solution
Application: Jamf Connect
Content Type: Technical Documentation
Utilities & Services
ft:locale: en-US

Domain —com.jamf.connect.login
Description —
Used to determine local and network authentication restrictions.


Setting	Description
Require Network Authentication `DenyLocal`	Determines if users can bypass network authentication and use local account credentials. When enabled (set to true),Local Login is not available and the user must use network authentication to log in. If disabled (set to false),Local Login is available and users can choose to authenticate locally. You can also use this setting to ensure that network authentication on FileVault-enabled computers is not skipped upon startup. For more information, see Disabling Automatic FileVault Login. `<key>DenyLocal</key> <false/>`
Users with local authentication privileges `DenyLocalExcluded`	Specifies which users can still locally authenticate if the `DenyLocal` setting is enabled (set to true). `<key>DenyLocalExcluded</key> <array> <string>user-one</string> <string>user-two</string> <string>user-three</string> <string>user-four</string> </array>`
Allow Local Fallback `LocalFallback`	This key is used with `DenyLocal` to force authentication to the IdP first, but then fall back to local authentication if a network connection is unavailable. `<key>LocalFallback</key> <false/>`
Use Local Authentication by Default `OIDCDefaultLocal`	When this setting is enabled (set to true), Jamf Connect uses local authentication by default rather than network authentication, which ensures users can always log in without a network connection. `<key>OIDCDefaultLocal</key> <false/>`