
If you haven't already, maybe even post this in /r/JAMF. Take what I say with a grain of salt; maybe someone here has more recent experience with JAMF, as it's been almost 3 years since I even looked at or thought about JAMF. We started with very basic rule sets (screen lock time, minimum password requirements, etc.), then they gradually upscaled security until root was taken away, among other things, and eventually introduced the Apple equivalent to what NoMAD was (now JAMF Connect) to force password changes.
It would be a good way to keep people accountable instead of looking at a spreadsheet of serial numbers and usernames and checking them off manually like we first did.

Also, from my experience, if you are coming from non-managed Macs and are working with developers (software engineers/QA/etc.) who are used to full control, they are going to complain if you start with max restrictions off the rip. Or you can just have the enrollment bookmark in the user's Okta profile, name it (Enroll your Mac or something), and have some Workflow logic check that the user's computer is enrolled in JAMF and remove the bookmark from the user if it is successfully enrolled.
I never specifically set up JAMF enrollment via Okta, but I believe it can support it with Okta Workflows; I wouldn't even know how that would work from a technical perspective, as the agent needs to install the MDM profile on the device first. And the other piece is the SAML setup in JAMF, which is pretty straightforward (see Okta guides).

miniOrange allows you to integrate with an Identity Provider (IdP) and implement Single Sign-On (SSO) for Jamf Pro. The original SP obtains the user identity from the SAML response and presents the personalized screen to the user. With availability in the cloud or on-premise, there is a deployment option for everyone. Obviously, there are 2 pieces to this, and it's been a long time since I managed JAMF, but if you are looking for user-initiated enrollment and don't plan on leveraging auto-enrollment via Apple Business/School Manager, the documentation on JAMF is pretty informative, as users simply need to go to a URL, log in, and they will get an installer to run on their local machine. Jamf Pro is an enterprise mobility management tool used by IT pros to deploy, inventory and secure Apple devices.
