Has anyone configured user auth during enrollment with OpenID Connect via Okta or any other IDP? Meraki documentation is not very detailed to say the least.
Is this in reference to the new SSO features in macOS 10.15 Catalina? I've had trouble tracking down an example profile on the MacAdmins slack, and it's not in Apple's documentation at the moment. I have the beta installed on a test Mac, and either that feature is buried somewhere, or it hasn't even been released as part of the beta yet.
So there's a bit of work and testing before Meraki would get to it. Keep an eye on ProfileCreator for an example profile template whenever the app gets updated to support all the new Catalina profile payloads, including the SSO at enrollment profile.
If use client VPN with an IDP. You can't do inline enrollment.
If you are referring to splash page based authentication then you wont be able to do it out of the box. You would need to create a custom host splash page that allowed it.
No, this is about authenticating users during enrollment. At the moment they authenticate via Azure AD which was very easy to set up. Other options include G-Suite or Open ID which I'm trying to configure against Okta.
Logs don't register any events related to authentication and Meraki Open ID set up instructions are appalling at best.
@T1 do you use Azure AD with DEP enrollment, because the docs state that this isn't supported yet
I wasn't able to test it until yet
We do BYOD enrollment via Azure for all staff devices at the moment. DEP is for service devices: wall iPads, demo iPads/iPhones, room Macs etc. and we don't need any additional layer of auth here even if it was supported.
Meraki doesn't offer native Okta or SAML at enrollment, so the only option is Open ID protocol which Okta supports. After discussing with Support yesterday, looks like there is something off in Meraki backend and OPs team is looking into it.