Logging into Macs with O365 Credentials

We have had a number of clients ask us to enable their Mac users to log in to their Mac machines using their Office 365 credentials.  Previously, this was a simple process of joining the Macs to the on-premises Active Directory, which is synced to Office 365 (Azure AD).  But premises have been downgraded in the time of Covid, and many companies are migrating away from on-premises AD to Azure AD.  Furthermore, at the time this is being written, April 2022, Macs cannot be joined to Azure AD without a complex solution that involves adding additional directory services and re-introducing VPN, which defeats the purpose in many ways.

So we went looking for third-party solutions, and a Google search unearths two main contenders:  Jamf and JumpCloud.  Jamf is a mature, full-featured Mac device management platform.  However, the upfront costs and deployment complexity can make it a difficult fit for smaller companies with smaller budgets who will only benefit from a subset of the many features that Jamf provides.

JumpCloud, on the other hand, is a lighter-weight platform with lower upfront costs, but we find that their focus on identity management means that JumpCloud would need to be the authoritative directory to enable O365 login to Macs.  Switching all users, on both Windows and Macs, from Azure AD to JumpCloud just to accomplish Mac O365 logins is a bit like the tail wagging the dog.  Not to mention the fact that there are more mature identity management platforms like Okta if that is what you are looking for.

So we kept digging and digging, and I was surprised by this because generally, the best solutions rise easily to the first few pages of a Google search.  But very deep searches for O365 Mac login solutions kept yielding Jamf and JumpCloud over and over.  Until I dug deep into a thread on the Spiceworks forum boards of all things and found someone recommending a platform called Mosyle.  Now I had never heard of this platform before, so I was curious.  I went and checked them out, and sure enough, they offer Mac device management and tout O365 logins for Macs.

Our demo with Mosyle was really refreshing.  (Keep in mind, we are not Mosyle partners or compensated by them in any way; this is a totally objective view.)  Mosyle’s admin console is sleek, decidedly Apple-inspired.  It was a simple matter to sync the Azure directory to the Mosyle directory, crucially allowing Azure to remain authoritative.  Integration with Apple Business Manager was also simple and straightforward.  And enrolling the actual Mac devices into Mosyle and pushing the required profiles for O365 login was a very smooth process.  Of course, we are IT professionals, very familiar with MDM and cloud platform integration.  But for the most part: It just worked.

Not only that, but Mosyle has a very rich set of additional device management features to lower remote device administration costs, such as remote password reset and lockdown, remote software deployment, and remote configuration.  These are all the more needed in this largely work-from-home environment we all still face.  So… two thumbs up for Mosyle MDM.

If your business would like to implement O365 logins for Mac but doesn’t have sufficient IT resources free to do it yourself, we can help.  We can also talk more about whether Mobile Device Management could solve some of your own business challenges, saving time and money, increasing end-user productivity, and getting more value from hardware investments.  Give us a call or drop us a line.

Scott Jackisch

Technologist with over 20 years of experience
Infrastructure, Cloud, CyberSecurity

https://globalizenetworks.com
