Skip to main content
Question

Exchange profile S/MIME

  • January 30, 2015
  • 5 replies
  • 18 views
J
Forum|alt.badge.img+8

Just wondering if anyone has figured out how to enable S/MIME in an Exchange profile that is distributed via MDM (Casper).

If I enable S/MIME in the profile it asks me to provide a certificate. Obviously I don’t want a different profile for every user. If I keep it set to none, and have the user manually install their certificate, the cert installs fine, however, the setting to select a certificate is greyed out. So the user is able to read encrypted messages, but cannot send encrypted messages.

Am I missing something?

    5 replies

    C
    Forum|alt.badge.img+9
    • cubandave
    • Contributor
    • 51 replies
    • April 12, 2017

    I'm just curios did you get anywhere in your search? My IT security team is also now demanding this from me.

    B
    Forum|alt.badge.img+13
    • beatlemike
    • Contributor
    • 65 replies
    • November 20, 2017

    I was interested in this as well

    T
    Forum|alt.badge.img+5
    • TreviñoL
    • Contributor
    • 51 replies
    • November 24, 2017

    Add the SCEP profile to your current Mail profile to be given the option for SCEP authentication using a user certificate for authentication.

    You can find a few articles online how to setup SCEP templates for Mac and iOS.

    B
    Forum|alt.badge.img+7
    • bofh
    • Contributor
    • 43 replies
    • December 12, 2017

    @TreviñoL It's not about Certificate Login. It's about signing and encrypting mails.

    @Rest: It seems to be an issue of how the Profile itsself is handled. JAMF has opened a RADAR Ticket for this issue. 32947989.
    I asked them to put it on openradar now, maybe we can see it publicly.
    If you want more info about all that, contact me using slack. (same nickname).

    F
    Forum|alt.badge.img
    • fabian_may
    • New Contributor
    • 1 reply
    • July 9, 2021

    Hello there,

    guess I'm a little late.. but I just found the solution for the S/MIME problem..
    It seems like Jamf just isn't using all the available parameters for Mail settings.

    Solution is pretty simple..

    1) Download the Software Profile Creator
    https://github.com/ProfileCreator/ProfileCreator
    (Big Sur Version is working fine, you'll might have to join the Mac Admins Slack)

    2) Export your current mail configuration profile from Jamf

    3) Import the configuration profile into Profile Creator

    4) Edit all the additional options Jamf "forgot":
    (attached screenshot is for IMAP, Exchange has mostly the same options))

    5) Save the profile and sign it (so Jamf won't change anything when importing it)

    6) Import configuration profile to Jamf and deploy it

    Hope this helps other stressed out Jamf admins.. ;)

    Greetings from Germany


    Terms & ConditionsCookie settingsAccessibility statement