Integrating Jamf Pro and Okta LDAP

This short guide will get Jamf configured to pull user information from Okta, no matter how your users are mastered.

Okta

Add LDAP Directory in Okta. Go to Directory > Directory Integrations. Select Add Directory > Add LDAP Directory. Make sure to set the LDAP Interface to Active.

Okta Dashboard
Adding an LDAP directory
Viewing the new LDAP Interface settings

Jamf

Log in to Jamf. Go to System Settings > LDAP Servers. Create a new LDAP server. Select Configure Manually when asked to choose a directory service.

Jamf System Settings page
LDAP Servers page. Use the New button to add a server. Please ignore the already active Okta LDAP entry.
Select Configure Manually

User Mappings

Model your User Mappings to these settings.

Attribute                   Mapping
USER ID                     uid
USERNAME                    uid
REAL NAME                   cn
EMAIL ADDRESS               uid
APPEND TO EMAIL RESULTS     Optional, refer to Jamf documentation
DEPARTMENT                  department
PHONE                       phone
POSITION                    title
USER UUID                   objectGUID

User Group Mappings

Attribute                   Mapping
OBJECT CLASS(ES)            groupofUniqueNames
SEARCH BASE                 dc=yourcompany,dc=okta,dc=com
GROUP ID                    uniqueIdentifier
GROUP NAME                  cn
GROUP UUID                  objectGUID

User Group Membership Mappings

Attribute                   Mapping
MEMBER USER MAPPING         UniqueMember

That's all. Try looking up a few users in Jamf to make sure the integration is working correctly.
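One way to check the mappings above outside Jamf, as an added example that is not part of the original guide or of Jamf or Okta code: take LDIF text for a user and a group (for example, ldapsearch output from the Okta LDAP interface) and apply the mappings to see which Jamf fields would come back empty and whether group members resolve to users. The sample entries, the ou=users/ou=groups layout and the function names are assumptions constructed for illustration.

```python
# Added example; SAMPLE_LDIF is constructed data, not real directory output.
USER_MAP = {"USER ID": "uid", "USERNAME": "uid", "REAL NAME": "cn",
            "EMAIL ADDRESS": "uid", "DEPARTMENT": "department",
            "PHONE": "phone", "POSITION": "title", "USER UUID": "objectGUID"}
GROUP_CLASS, MEMBER_ATTR = "groupofUniqueNames", "UniqueMember"  # as in the guide

SAMPLE_LDIF = """\
dn: uid=ana@example.com,ou=users,dc=yourcompany,dc=okta,dc=com
uid: ana@example.com
cn: Ana Example
department: IT
title: Engineer
objectGUID: 00000000-0000-0000-0000-000000000001

dn: cn=Mac Admins,ou=groups,dc=yourcompany,dc=okta,dc=com
objectClass: groupOfUniqueNames
cn: Mac Admins
uniqueMember: uid=ana@example.com,ou=users,dc=yourcompany,dc=okta,dc=com
"""

def parse_ldif(text):
    """Parse simple LDIF (no folded lines or base64 '::' values) into dicts."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            name, _, value = line.partition(": ")
            # LDAP attribute names are case-insensitive, so normalise them.
            entry.setdefault(name.lower(), []).append(value)
        entries.append(entry)
    return entries

def check_user(entry):
    """Return (Jamf field -> value, sorted list of fields with no value)."""
    resolved = {f: entry.get(a.lower(), [None])[0] for f, a in USER_MAP.items()}
    missing = sorted(f for f, v in resolved.items() if not v)
    return resolved, missing

def group_members(entries):
    """Return {group cn: [member uid or UNRESOLVED:<dn>, ...]}."""
    uid_by_dn = {e["dn"][0].lower(): e["uid"][0] for e in entries if "uid" in e}
    result = {}
    for e in entries:
        if GROUP_CLASS.lower() in (c.lower() for c in e.get("objectclass", [])):
            result[e["cn"][0]] = [uid_by_dn.get(d.lower(), "UNRESOLVED:" + d)
                                  for d in e.get(MEMBER_ATTR.lower(), [])]
    return result

if __name__ == "__main__":
    print(check_user(parse_ldif(SAMPLE_LDIF)[0])[1], group_members(parse_ldif(SAMPLE_LDIF)))
```

A field listed as missing here would show up blank in a Jamf user lookup, and an UNRESOLVED member means the group's member DN does not match any exported user entry.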
