Jamf Pro
Powerful workflows for IT pros
cancel
Showing results for 
Search instead for 
Did you mean: 

Forum Posts

Using Active Directory groups to admin

Hello, We use JAMFschool and bind our Macs to AD via a policy pushed to all the machines. It allows the devices to login however despite putting group names in the profile we still cannot administer through AD accounts. Anyone have any insight on thi...  View more

  • 48 Views
  • 2 replies
  • 0 kudos

Create smart group based on distribution list name

Is it possible using OKTA LDAP (no AD bind) to create a smart group based on DL membership? Say I have a DL call IT-Team in AD and I want to target that group specifically for application deployment or something, is that possible? Old way, which was ...  View more

  • 35 Views
  • 1 replies
  • 0 kudos

Big sur and AD problems

When I try to unjoin Big sur device from AD , Im getting this error message . "this computer is unable to access the domain controller due to unknown error " . Anyone here came across such issues , or know when this error happens ?  View more

  • 18 Views
  • 0 replies
  • 0 kudos

Big Sur problem - Dinamic registration in DNS Server

Today I found out that Mac OS 11.x (until 11.2.3 - the actual one) is not updating the Forward DNS registry and de Reverse DNS registry in internal DNS Servers.The problem is that if you have a Scavenge Age defined to scavenge old dns entries, it wil...  View more

  • 310 Views
  • 21 replies
  • 3 kudos

Microsoft AD to Jamf Cloud

Hello, I understand there are alot of questions regarding AD integration and ive read most of them, But ive got a couple of questions still not answered. Im looking actually to simplify account creation, where we dont need to create accounts and tag ...  View more

  • 16 Views
  • 0 replies
  • 0 kudos

Active Directory Best Practices?

Hey Friends - We are replacing all our old Trashcans with new Mac Pro's with handles, running Catalina 10.15.7 In the past, we've just directly bound our machines to Active Directory. I get the impression this is not the best way to do this, and that...  View more

  • 80 Views
  • 6 replies
  • 0 kudos

Domain password change with multiple computers

I have users that need to maintain two or more assets. At the moment - the company is still requiring the AD bind (I'm working on that). When they need to change the password, they'll make the change on one asset - this leaves the other asset with a ...  View more

  • 70 Views
  • 4 replies
  • 0 kudos

Jamf/Bigsur & AD Binding/pushing profiles

Hi I have a mac big sur envirnment in which we bind big sur macs to active directory. Keep running into an issue when logging in (issue hapens randomly) where i could assign/edit/remove Jamf profiles and policies.. when i then logout/restart the mac ...  View more

  • 16 Views
  • 0 replies
  • 0 kudos

Big Sur intermittent AD bind issues?

I am seeing intermittent AD bind issues that I am trying to resolve. On occasion, the target Mac running macOS11.1 will lose its ability to search LDAP users/groups in AD. Then eventually it starts working again. AD binds OK but 'flickers' - it will ...  View more

  • 42 Views
  • 1 replies
  • 4 kudos

Computer Renaming to Default

We rename our machines at enrollment based off of a user choice in DEPNotify to see if it is a shared, primary, or test machine, SerialNumber-(S/P/T). This choice is used to easily identify a machine based on usage, as well as smart group/policy scop...  View more

  • 27 Views
  • 0 replies
  • 0 kudos

LDAPS Switchover - Basics

Hey folks. I'm just about to try and tackle the switchover to LDAPS on our Jamf on-prem instance, and getting myself a little confused in the process. These may be basic questions, apologies if so! Our current setup is thus:- Two Jamf servers (one fr...  View more

  • 22 Views
  • 0 replies
  • 0 kudos

Domain Join - Big Sur

Hi All, Before I start, yes I know domain join is now outdated, but we are still working through the POC for Jamf Connect.This means our Big Sur machines will need to bind to the domain. I am testing Public Beta 11, and for the life of me, I cannot g...  View more

  • 82 Views
  • 7 replies
  • 1 kudos

AD Bound Mac Filevault Best practices

I am somewhat of a filevault virgin, but am getting more and more pressure to enable on my Macs. I have done some testing on my development network, but am finding it a bit tricky with AD bound systems and using AD roaming profile logins.  View more

  • 93 Views
  • 11 replies
  • 0 kudos

Disappearing Configuration profile.

I have an odd one here. We have rolled out MFA at my company for the VPN and NAC. ITs a configuration profile that uses the Computer record in AD to pull in teh cert. I am rolling it out to the machiens across the company. Most of the machines are te...  View more

  • 17 Views
  • 0 replies
  • 0 kudos

AD binding not happening automatically

Hi all, I'm new to the Jamf Pro world and am trying to figure things out. Jamf 100 is in the books and I'm getting approval to take 200. Ive been playing around with prestages, policies to install apps, config files to add wifi and stuff. It's all go...  View more

  • 29 Views
  • 1 replies
  • 0 kudos

389 vs. 636

Hello out there - having issues with out-of-the-box Microsoft AD binding in OS X.15.6 that even with command line packetencrypt forced, I still see lots of port 389 traffic when I believe it should be 636. I am not wise enough to understand what is g...  View more

  • 26 Views
  • 0 replies
  • 0 kudos

Macs joined to Active Directory

When a Mac joins our Active Directory, 31 computer attributes are populated but does anyone know which attributes get updated after a computer binds to Active Directory? For example, the operatingSystem and operatingSystemVersion attributes populate ...  View more

  • 30 Views
  • 1 replies
  • 0 kudos

Upgraded labs to Catalina, now AD accounts can't log in

In need of some help. I work at a small university, and we have 7 Mac labs, 6 of which are managed with Jamf Pro Cloud. Several of them we upgraded to Catalina last week, and now in these spaces, when someone tries to log in with their active directo...  View more

  • 100 Views
  • 9 replies
  • 0 kudos

On/Off Campus Log-Ins

We are a grade school. One to One Macbooks In normal times, device never left campus. We used a simple Open Directory that once authenticated, would create a local Account/Home Folder on the laptop. If someone(assuming they were in our OD) logged int...  View more

  • 30 Views
  • 1 replies
  • 0 kudos

Force Bind LDAP When Unreachable (off VPN)

I am attempting to bind ldap server when the server is not reachable. Message is - Error: Connection failed to the directory server. (2100) I can force this binding via the Directory Utility > LDAPv3 UI but am looking for a way to force it through wi...  View more

  • 22 Views
  • 0 replies
  • 0 kudos

Jamf + SCCM Workflow

Hello everyone! I manage about 100+ Mac Minis and image them with Windows 10 + MacOS using BootRunner and BootCamp. We're planning on upgrading to newer 2018 Mac Minis from our 2012 Mac Minis, which feature the T2 chips that pretty much killed imagin...  View more

  • 56 Views
  • 2 replies
  • 0 kudos

Migrating to Kerberos Extension

We wish to migrate to macOS Catalina and the Kerberos SSO Extension. We have previously used AD binding. As part of manually migrating a computer, we put it in a static group called "Unbound". This group is scoped with configuration profiles for Kerb...  View more

  • 46 Views
  • 1 replies
  • 0 kudos
Labels