Jamf Pro
Powerful workflows for IT pros
cancel
Showing results for 
Search instead for 
Did you mean: 

Forum Posts

Jamf Pro 10.32.1 Release

Hi Jamf Nation,Today we're releasing a hotfix for Jamf Pro that addresses a recently responsibly disclosed security issue.We strongly recommended that you upgrade to Jamf Pro 10.32.1 as soon as possible. The following CVE is addressed by this release...  View more

  • 5366 Views
  • 26 replies
  • 5 kudos

What's new in Jamf Pro 10.32 Release

Update: This release includes fixes for security vulnerabilities and it is recommended that you upgrade to Jamf Pro 10.32.0 as soon as possible. The following CVEs are addressed by this release: [PI-006352] CVSS 8.3 https://cve.mitre.org/cgi-bin/cven...  View more

  • 9149 Views
  • 13 replies
  • 4 kudos

LDAP Extension attributes don't work on 10.20

EDIT: To anyone wondering, this was a bug in version 10.20 - it has been resolved in 10.21. Hello everyone, Could anyone please let me know if they have the same issue as me? I'm on JamfCloud, currently version 10.20.1-t1584039255, and I've noticed t...  View more

  • 150 Views
  • 4 replies
  • 2 kudos

Scope Policy to LDAP Computer Group

Looking to see if any of the other MacAdmins out there knows how to scope a policy to an AD computer group. All my Macs are bound to AD. I'm looking to setup a process for our licensed applications where the computers are placed into a particular AD ...  View more

  • 421 Views
  • 5 replies
  • 0 kudos

VPN Before Login

My organization is looking for ways to make our deployment workflow completely zero-touch as a response to the COVID-19 crisis. A little background: All of our Macs are bound to a domain. It is a large educational organization with multiple child dom...  View more

  • 374 Views
  • 7 replies
  • 0 kudos

Okta LDAP User Group Working?

Are you guys able to lookup user groups via Okta LDAP? I'm able to lookup usernames, but user groups is not working for me.... Does it work for anyone here using Okta LDAP? If so, can you give me an example of what you're entering, as far as syntax g...  View more

  • 113 Views
  • 3 replies
  • 0 kudos

Failover Link with LDAP integration

I have a question for the community in regards to a security issue we discovered. Our Jamf cloud instance is AD/LDAP integrated (onPrem) and when the failover link is used to sign-on to the cloud console, our LDAP registers authentication attempts. T...  View more

  • 51 Views
  • 0 replies
  • 0 kudos

Connecting AD/AzureAD to Jamfcloud w/out DMZ

Hello, I need to connect my Jamfcloud instance to my active directory. I have an azure AD subscription but without using a purpose built DMZ. What is the easiest/best way to do this? I have found a guide on MSonline but it does not seem to be complet...  View more

  • 66 Views
  • 3 replies
  • 0 kudos

Extension Attribute scripts retaining variables?

I made a pretty simple extension attribute script that lists the OU path of a computer bound to our AD: #!/bin/sh ad_computer_name="$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev)" ad_ou="$(ldapsearch -LLL -h ...  View more

  • 473 Views
  • 22 replies
  • 0 kudos

Enrollmen Customization (LDAP Authorization)

Hi, I'm testing an enrollment setup with an enrollment customization that contains an LDAP authorization pane. I have added the Domain Users group to the customization so that any user is allowed to use it. The pane shows up, but when I try to author...  View more

  • 105 Views
  • 2 replies
  • 0 kudos

Scripted LDAP integration for Mac Clients

Hello All, I'm trying to script LDAP integration to our public lab clients. Historically, we had the configuration settings saved in a custom image. Now, we are moving to the new DEP thin image method. Our internal requirements include using a author...  View more

  • 50 Views
  • 0 replies
  • 0 kudos

How to setup ldaps with split dns system.

I have .com for the inside and .edu for the outside. I do not own the .com only the .edu. The cert for the ad is linked to the .com. I can not make it .edu because things inside will brake. I was told the host name i use in the ldap screen and cert h...  View more

  • 97 Views
  • 0 replies
  • 0 kudos

JAMF Cloud and Azure ADDS

Hi All, We recently move our JAMF pro instance to the cloud so our LDAP no longer worked. We just got Azure ADDS set up and are trying to set up LDAP. We can connect to the domain using SSL after uploading the cert however when we go to put the usern...  View more

  • 92 Views
  • 2 replies
  • 0 kudos

Refreshing AD Group Membership

We are having an issue where one of our users is having an issue where their AD group membership on the Mac does not match our AD server. I have removed the AD server and re added it. I have also restarted the computer (multiple times) to refresh the...  View more

  • 64 Views
  • 1 replies
  • 0 kudos

Google Secure LDAP / Jamf Pro

Has anyone gotten this working to the point where they can authenticate to the JAMF web app?I have this working fine for user/group lookups but not for authentication. All attributes are returned correctly I just cannot use a Google LDAP user to logi...  View more

  • 65 Views
  • 0 replies
  • 1 kudos

LDAP connection- MFA Authentification not working

Hi Jamf,we have setup a LDAPS connection from our OKTA instance to Jamf. The reason for this is to have users to authenticate during first iOS enrollement.This works fine so far, with one minor blocker. Our Okta SSO uses MFA authentication. When the ...  View more

  • 284 Views
  • 5 replies
  • 0 kudos

Workflow with the "accountExpires" ldap attribute

I have an EA to pull in the accountExpires ldap attribute. The format is unreadable and I want to convert to human readable format. Then I want a smart group to catch users with PW expiring within a few days. Here is a link to bash script I fount to ...  View more

  • 93 Views
  • 2 replies
  • 0 kudos

Populate JSS Computer Name via LDAP Attributes

Has anyone found an easy/effective way to take data that gets assigned via LDAP (first name and last name) and assign it to the Computer Name field in JSS? Here's an example of what we're looking to do: If we have a computer called MacBook Pro (73) t...  View more

  • 50 Views
  • 0 replies
  • 0 kudos

Troubleshooting slow AD logins?

Can anyone offer any suggestions on how to troubleshoot a "slow login" issue? Specifically, we've had 3 Macs reported to us where login using Active Directory accounts is quite slow. We reproduced the issue with our test student AD account and found ...  View more

  • 110 Views
  • 8 replies
  • 0 kudos

Adding Attribute

I would like to include a user attribute from Active Directory to populate for my users. The attribute is not standard from other attributes collected by default from Jamf Pro. I would need the attribute to either show yes or no if the attribute is e...  View more

  • 64 Views
  • 2 replies
  • 0 kudos
Labels