Hello Jamf Nation!We have several exciting new features including new Login functionality, Managed Software Updates enhancements, Packages page redesign, and more! You can find more information in the release notes when you enroll.Starting with the J... View more
EDIT: To anyone wondering, this was a bug in version 10.20 - it has been resolved in 10.21. Hello everyone, Could anyone please let me know if they have the same issue as me? I'm on JamfCloud, currently version 10.20.1-t1584039255, and I've noticed t... View more
Looking to see if any of the other MacAdmins out there knows how to scope a policy to an AD computer group. All my Macs are bound to AD. I'm looking to setup a process for our licensed applications where the computers are placed into a particular AD ... View more
We are looking to enable SSO on our JSS so our admins will have 2factor. We currently use LDAP for admin logins and for user lookups for assinging systems. If we set up SSO will user lookups and assigned users start pulling from the SSO or will they ... View more
My organization is looking for ways to make our deployment workflow completely zero-touch as a response to the COVID-19 crisis. A little background: All of our Macs are bound to a domain. It is a large educational organization with multiple child dom... View more
Are you guys able to lookup user groups via Okta LDAP? I'm able to lookup usernames, but user groups is not working for me.... Does it work for anyone here using Okta LDAP? If so, can you give me an example of what you're entering, as far as syntax g... View more
I have a question for the community in regards to a security issue we discovered. Our Jamf cloud instance is AD/LDAP integrated (onPrem) and when the failover link is used to sign-on to the cloud console, our LDAP registers authentication attempts. T... View more
Hi Everyone, I have a policy that runs a script which grabs a users full name, splits it into 2 (first and last) and puts a . in between and then appends the domain name. The issue is that when the policy runs off of a trigger, it grabs "System" as t... View more
Hello, I need to connect my Jamfcloud instance to my active directory. I have an azure AD subscription but without using a purpose built DMZ. What is the easiest/best way to do this? I have found a guide on MSonline but it does not seem to be complet... View more
I made a pretty simple extension attribute script that lists the OU path of a computer bound to our AD: #!/bin/sh ad_computer_name="$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev)" ad_ou="$(ldapsearch -LLL -h ... View more
Hi, I'm testing an enrollment setup with an enrollment customization that contains an LDAP authorization pane. I have added the Domain Users group to the customization so that any user is allowed to use it. The pane shows up, but when I try to author... View more
We can query users that our in our on-prem LDAPS server within Jamf Cloud just fine, but when we enable Require Authentication for Prestage Enrollment and the user enters in their LDAPS account on a new Mac, the computer thinks about those credential... View more
Looking to make our environment more secure. We are self hosted and clients are bound to a local/hosted Active Directory.We rely less and less on AD and at some point will move to other solutions but for now that's where we are.Our fleet of Macs are ... View more
I'm extremely new to Jamf, mostly dabbling where other people have already set up the environment. We were working on setting up the pre-stage enrollment for our DEP iPads. DEP is working, the LDAP SSL connector is working, but when we get to the Rem... View more
JSS server got upgraded from v10.12.0 to v10.16.0.1 and it works great including LDAP login. After couple of days, LDAP JSS login failed but standard accounts work great. AD team confirmed that there is no problem from the AD side of things. Has anyo... View more
Hello All, I'm trying to script LDAP integration to our public lab clients. Historically, we had the configuration settings saved in a custom image. Now, we are moving to the new DEP thin image method. Our internal requirements include using a author... View more
I have .com for the inside and .edu for the outside. I do not own the .com only the .edu. The cert for the ad is linked to the .com. I can not make it .edu because things inside will brake. I was told the host name i use in the ldap screen and cert h... View more
UPDATE 2020-02-04: Microsoft has postponed the update again from March 2020 to the second half of 2020. UPDATE 2020-01-24: Microsoft has postponed the update from January 2020 to March 2020. For y'all who are binding your devices to Active Directory,... View more
Hi All, We recently move our JAMF pro instance to the cloud so our LDAP no longer worked. We just got Azure ADDS set up and are trying to set up LDAP. We can connect to the domain using SSL after uploading the cert however when we go to put the usern... View more
Hello everyone!Last week we finally decided to upgrade to JAMF PRO 10.16 in our company and that also required migrating from Java 8 to Java 11 in our case. After successful installation on test environment we decided to go with the upgrade on produc... View more
We're looking at enhancing our new Mac deployment process so that the proper apps get installed on the proper Macs automatically after enrollment. Does anyone utilize a process like this, and if so, what is the process you employ for accomplishing th... View more
We are having an issue where one of our users is having an issue where their AD group membership on the Mac does not match our AD server. I have removed the AD server and re added it. I have also restarted the computer (multiple times) to refresh the... View more
Has anyone gotten this working to the point where they can authenticate to the JAMF web app?I have this working fine for user/group lookups but not for authentication. All attributes are returned correctly I just cannot use a Google LDAP user to logi... View more
Hi Jamf,we have setup a LDAPS connection from our OKTA instance to Jamf. The reason for this is to have users to authenticate during first iOS enrollement.This works fine so far, with one minor blocker. Our Okta SSO uses MFA authentication. When the ... View more
Just curious... thought this would be simple, but I've not stumbled onto the trick just yet. Upgraded to Jamf 10.14.1, was looking forward to using the expanded LDAP lookup to handle scoping (via smart groups) for a few specific items. Looks like the... View more
Hi There, I think I know the answer to this but wanted to poll the community. I'm attempting to provide access to my LDAP directory service via Azure AD. I would prefer not to expose my LDAP servers directly to JAMF and would like to have this all ru... View more
I have an EA to pull in the accountExpires ldap attribute. The format is unreadable and I want to convert to human readable format. Then I want a smart group to catch users with PW expiring within a few days. Here is a link to bash script I fount to ... View more
Has anyone found an easy/effective way to take data that gets assigned via LDAP (first name and last name) and assign it to the Computer Name field in JSS? Here's an example of what we're looking to do: If we have a computer called MacBook Pro (73) t... View more
Can anyone offer any suggestions on how to troubleshoot a "slow login" issue? Specifically, we've had 3 Macs reported to us where login using Active Directory accounts is quite slow. We reproduced the issue with our test student AD account and found ... View more
I would like to include a user attribute from Active Directory to populate for my users. The attribute is not standard from other attributes collected by default from Jamf Pro. I would need the attribute to either show yes or no if the attribute is e... View more
