Introducing Privilege Elevation using Jamf Connect
The Jamf Connect menu bar app allows standard users to initiate a temporary elevation to a local administrator. Upon activation, a timer displays in the user's menu bar for the duration of their elevation. When the timer ends, the user is reverted to a standard user. This feature can be added to your Jamf Connect configuration via the Jamf Connect Configuration app or manually adding the Temporary User Promotion (TemporaryUserPromotion) setting.
All settings currently available for the privilege elevation feature can be found under the Temporary User Permissions section of Jamf Connect Configuration. For additional information about this feature, see Privilege Elevation for Local Accounts .
Other Changes and Improvements
Jamf Connect Configuration now displays a change log window after installing a new version.
The Admin Attribute (
OIDCAdminAttribute) setting is now available in the Connect tab of Jamf Connect Configuration for use with the Privilege Elevation settings.Azure v.2 is no longer unexpectedly available as an Identity Provider option in the Jamf Connect Configuration app.
Resolved Issues
[PI112857] Okta Verify no longer produces unexpected push notifications for users with Okta Identity Engine as their Jamf Connect identity provider.
[PI115853] The Use Local Authentication by Default (
OIDCDefaultLocal) setting correctly enables Jamf Connect to use local authentication by default rather than network authentication.- [PI115994] The Network Check-in Frequency (
NetworkCheck) correctly disables a background password check on app launch when the setting is set to 0. [PI116324] Kerberos ticket issuance occurs on login as intended, rather than requiring a network change or a manual ticket request.
[PI116380] Modifications to the Jamf Connect configuration PLIST file no longer unexpectedly remove the Redirect URI (
OIDCRedirectURI) setting.