We're looking to move multiple VPP accounts into JSS and would like to allow those staff responsible for their sections access to JSS so they can manage the entire process from purchasing in Apple VPP through to deployment to their iPads.
Can this be done?
I'm not sure which privileges I should be giving to allow this without allowing access to everything. Is there a spreadsheet or something similar available that would help with this?
As a baseline you'll need the following:
Read access to Mobile Devices
Full access to Mobile Device Apps
Create* and Read access to VPP Admin Accounts
Aside from those, I'd recommend giving access to User and Mobile Device groups, at your discretion, depending on how you intend to scope your apps.
Thanks for that I'll give those settings a go.
I would recommend a more centralized approach. Depending on how many people have the ability to add apps to the JSS it can get out of control fast. In our situation we have applications duplicated 20 times because 20 different campuses want to use it. With multiple people adding applications the vetting process is not easily enforced. We are currently at 5539 apps in the JSS with a huge number of duplicates.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.