Real talk, real tools and real-time support from people who get it.
Get answers from fellow admins
Find your way around
Share your thoughts
Submit your idea
At some point in your career as an Apple Admin, you’ve (most likely) inherited a Jamf instance and said either to yourself or out loud, “Huh, I wonder why they did that. I certainly wouldn’t do it that way” or “That’s not the best practice I was taught”. Caveat: There’s no such thing as best practice. The better concept is defining the best practice for your environment. This is where you get to step in and be the hero. It’s your job to take the environment, back it up first. Make sure you backup your instance and sync it to your free Jamf sandbox (If you don’t have one, talk to your rep). Once you’ve backed up and sync’d to the sandbox, I hope you’re noticing the theme here…you can get started with the H.E.R.O. process. Something not mentioned is the process of writing documentation. DOCUMENT, DOCUMENT, DOCUMENT. Write down everything from the current state, proposed changes, changes you made (with dates), how configs work, work
Basically we have disabled the screenshot feature for a certain group in my organization via JAMF Configuration Profiles, but recently we have found a loophole for users to take screenshots via enabling the “Show features for web developers” and then on Safari, going to Develop tab and “Show Web Inspector” > Elements tab and right click the html to show the option to “capture screenshot” and it will allow you to save the screenshot. We are trying to remediate this loophole by disabling the option to enable the web developers option. Anyone have any ideas? I have tried using Configuration Profile and using the Application & Custom Settings option, but could not get it to work using the plist I found online.https://www.geeksforgeeks.org/techtips/how-to-take-screenshot-apple-safari/
Hey Jamf Admins!Our next LaunchPad Virtual Meetup is happening on Friday, July 11th at 12 PM MDT (GMT-6). We’ll be unpacking the biggest WWDC25 announcements—Liquid Glass, macOS Tahoe, and Apple Intelligence—and focusing on what matters for your Jamf environment.We’ve invited Tony Young (Sr. Mac Ops Engineer @ Akima) to share: Liquid Glass macOS Tahoe Apple Intelligence … and more! Date: Friday, July 11thTime: 12 PM MDT (GMT-6)Register here → https://rkmn.tech/j-launchpadLooking forward to seeing you there!— Patrick & the Rocketman Tech team
I uploaded the Protect plan to Jamf Pro configuration profile. I was wondering if Protect also works on devices? I tried to upload the same file to the devices but it ends up failing. If there is any documentation for deploying to devices, please point me to it!
Hey All,We are working on determining the best way to manage our assets. We are a Mac/iOS only environment. So all of our equipment goes into Jamf Pro. We don’t do touchless deployment (management decision although its practically touchless). I’d imagine we’d need to get MUT involved to update purchase status.How do you handle new equipment or equipment that goes back into inventory? Also, we are looking to get physical asset tag stickers for the devices. Any suggestions on using Jamf as a complete solution? Or addition tools that people use for Asset Management to track items?Thanks!
Hello Jamf Community, I'm currently experiencing an issue with Jamf Remote Assist — I haven't been able to successfully connect to any Mac devices for the past two weeks. Each attempt either times out or fails with no clear error message. I've tried the following so far: Confirmed that Remote Assist is enabled in Settings. Restarted Jamf Daemon and the local Jamf app on the affected Mac. Verified network/firewall configurations (no changes recently). Tested on both Intel and Apple Silicon Macs with the same result. Has anyone else encountered similar issues recently?Is there any known workaround or reliable fix that could help restore functionality? Any suggestions or guidance would be much appreciated. Thanks in advance!
Just be going though the process of updating our Autodesk apps for 2026. its not a script I have written but I have updated for Maya & Mudbox 2026. I found on her somewhere.Thought it was sharing to help other as a starting point. #!/bin/bash#Copy installer app from .dmg to /tmp#Modify values below as necessary (Usually: year and pKey)#Set variablesyear="2026"pkgPath1="/private/tmp/InstallMaya2026.app/Contents/Helper/Packages/Maya/MayaUSD.pkg"pkgPath2="/private/tmp/InstallMaya2026.app/Contents/Helper/Packages/Maya/Maya_AdLMconf2026.pkg"#pkgPath3="/private/tmp/InstallMaya2024.app/Contents/Helper/Packages/Licensing/adskflexnetserverIPV6.pkg"pkgPath4="/private/tmp/InstallMaya2026.app/Contents/Helper/Packages/Licensing/AdskLicensing-15.1.0.12339-mac-installer.pkg"pkgPath5="/private/tmp/InstallMaya2026.app/Contents/Helper/Packages/Maya/Maya_core2026.pkg"pkgPath6="/private/tmp/InstallMaya2026.app/Contents/Helper/Packages/Maya/bifrost.pkg"pkgPath7="/private/tmp/InstallMaya2026.app/Content
My Google-Fu is failing me ... How can I enable the preference below from Terminal?
What's your favorite: - Resource when stuck in a rut and need answers? (aside from chatGPT) - Favorite beverage hot or cold- Role model in the tech world- Way to decompress after a stressful day - Hobby side from work
I have been getting requests to provide all managed phones with a contact list. The config page allows me to access a CARDDAV server. I would like some suggestions on how to best set one up, perhaps a cloud solution. Thanks
In case you missed it ... What’s new in Apple device management and identity https://developer.apple.com/videos/play/wwdc2025/258/?utm_campaign=MacAdmins.news&utm_medium=email&utm_source=MacAdmins.news_365
Hi everyone,We’re currently using Jamf School to manage our Apple devices and are running into issues with Microsoft’s enforcement of strong certificate mapping as outlined in KB5014754.Our environment relies on certificate-based authentication with Active Directory. While we’ve configured UPN mapping using the RFC 822 SAN field, our domain controllers (now in Full Enforcement mode) are rejecting certificates that don’t meet the new strong mapping requirements.Unfortunately, Jamf School doesn’t appear to support:Inclusion of SAN URIs with SID Custom certificate templates Scripting or automation for explicit mapping via altSecurityIdentitiesWe’ve temporarily enabled Compatibility Mode on our domain controllers, but this is only viable until 10 September 2025, when Microsoft will enforce Full Enforcement by default.Questions for the community and Jamf staff:Are there any confirmed plans for Jamf School to support strong certificate mapping before the enforcement deadline? Has anyone foun
I’ve got a weird issue with MS Defender Configuration Profiles applying/Un-applying intermittently. As part of our enrollment process we install MS Defender and apply Configuration Profiles. This has been working fine for close to 12months.Now for some reason even though the Configuration Profiles are still applying (You can see them in Device Management). The configuration doesn’t always apply even when it does apply the settings can stop taking affect shortly afterwards.Device Management still has the Configuration Policies applied.I’ve tried downloading fresh configurations, onboarding etc. from Microsoft with exactly the same result. Has anyone else seen this?
Updated 14SEPT2022 - I moved the GitHub link over to the official Jamf Github - https://github.com/jamf/jamfconnect/tree/main/azure_conditional_access will have the latest until the official Jamf Connect docs get updated.Updated 14JUL2022 - The github link below has been updated with some steps removed for version 2.13 or greater of Jamf Connect, details about custom ROPG scopes in the menu bar, notes on how the login may still show a failure after doing this but that's fine. https://www.jamf.com/blog/how-to-azure-conditional-access-and-jamf-connect/ will supersede instructions currently on the Jamf Blog.Updated 14JAN2022 - The github link below has been updated to simplify the setup of the application registrations in Azure and allows for full testing in Jamf Connect Configuration before deploying to a test machine.https://www.jamf.com/blog/how-to-azure-conditional-access-and-jamf-connect/ - Updated instructions posted to Jamf Blog.UPDATE
Hi folks, I'm looking to create a policy to do the following. Install AWS VPN Client Add Profile with provided .ovpn file. Pushing the AWS VPN Client is easy enough by pushing the .pkg file.Anyone have any experience/ideas for the second part? Thanks!
Submit and vote on product ideas.
Learn about our customer advocacy program that celebrates our most passionate customers.
Join the community to receive product updates, and share feedback.
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
