New to Mac's/Jamf Administration

I wrote a tech thought on this called Huh to HERO

One of the great benefits of you being a Windows admin who is now using Jamf is being familiar with Intune & Entra. Be sure to get the integration set up in Jamf to use a cloud identity provider (such as Microsoft Entra) for LDAP purposes. It allows for scoping policies, profiles & apps to groups or departments much easier! Also take advantage of SSO. Use your existing Windows admin knowledge to your advantage!
 

Oh wow, that’s a great one.  The product has changed enough since I started using Jamf that I’m not sure anything I wished I’d known back then would still be relevant.

I’ve also been Apple-centric for most of my IT life so I can’t speak from experience to that kind of “code switching”. That said, if you haven’t gone through it yet, the Jamf 100 course has a lot of great info for getting started managing macOS and iOS in Jamf Pro. Fully online, self-paced, and best of all free! (Unless you want the cert, that’s $100.)

Welcome! to the club.

Check out this:
 

Great stuff. Thanks for sharing! 

It was called “Casper” back when I started, but one of the big benefits was taking a class after 6 months of use. The Jamf 100 and 200 will help. They also online video catalogs, which are very helpful.

MacAdmins Slack Channel is very helpful.

I wish I had know about the MacAdmins Slack, but then again it didn’t quite exist when I started managing Macs.

There are also some other JNUC sessions that could be helpful, another session about better practices:

And one specifically about inheriting a JSS:

That’s a great question and there are a million good answers, but like some folks have already said:

1. Get access to, and become active on, the MacAdmins Slack. This is an incredible resource for connecting with other folks that are going through, or have already gone through, the same day-to-day issues that you will experience: https://www.macadmins.org/
2. The online Jamf Training Catalog and Learning Hub are great resources for getting up to speed on several topics ranging from shell scripting fundamentals to configuring specific features in the products:
   1. https://trainingcatalog.jamf.com/
   2. https://learn.jamf.com/en-US/
3. If your org isn’t currently using Apple (Business or School) Manager, get that setup and start using managed apple accounts for things like your Apple Push Notification Service certificates. Using a managed Apple Account for this purpose makes it much easier to avoid any disasters when the person that had their apple account associated with this service leaves the org or is unavailable when the cert expires.

So you’re an Intune admin.  Well if you’ve managed Apple products in Intune (old Toyota), then get ready to get into a ferrari with JAMF.  While Intune is reliable and slow (not to mention doesn’t have all of the bells/whistles), JAMF has it all and does a great job at managing it!  The ONLY thing I wish they had was better PSSO integrations like MS has done with Intune.

Anyways, I manage Intune, JAMF, SCCM, Google Admin, and Landscape.  I prefer JAMF over all of those and we’re actively trying to make things flow the way we made them work in the JAMF/Apple world (onboarding/enrollment).

While I can say that I wish I knew something at the beginning (about 12 years ago), things have changed SO much on the JAMF side that the “wish to have known” is no longer there.  So I’ll start with this:  Smart groups are your friends.  Get very familiar with how those work and use the crap out of them.  STAY AWAY from static groups at all costs.  Understanding user permissions hierarchy will greatly help you too if you give your technicians access to the console.  USE THE API!  If you don’t know it, GET to know it.  It’s SOOOOO nice to be able to do a thing via the API be it connecting to another system, wrapping an application around an API call for technicians to do a thing, or just simply doing something en-mass via a script.  Check out the tools at your disposal in the JAMF marketplace: https://marketplace.jamf.com

Enrollment customizations are SUPER nice.  Captures primary user data at enrollment if configured.  Sounds like you’re an Entra shop, so the easiest way for user creation (currently) is Jamf Connect.  I know, I know, MS is working on it with PSSO, but still…

Anyways, there are a lot of tools out there to assist and A LOT of documentation out there to read.  If you need help with a particularly hairy issue, feel free to reach out to me on macadmins Slack @Chubs.

Happy JAMFing!

Gotta agree with @chubs on this. Leveraging the API within Jamf unlocks so many capabilities.

I too started using the product after managing Windows environments for several years. Besides what has already been said, the best advice I have to offer is; you should know you are not alone. The Macadmins/Jamf Nation community is the most welcoming and helpful community there is. We are here for you and are willing to guide you through your transition from Windows Admin to Jamf Superstar! If you need help reach out. We got you!

I second everyone who said the MacAdmins community (on Slack for me). I usually fear asking “the stupid question” and have truly found that there are none in those spaces. There are groups for everyone that are truly welcoming and just want to help others succeed.