Jamf Pro
Powerful workflows for IT pros
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Forum Posts

neebiee here.....auto log into Self Service

our environment is AD bound and I would like to have our users auto login to Self Serviceour JSS>Computer Management>Self Service>Login>I have "Require login with an LDAP account, JSS user account or Single Sign On.I'm running JSS 9.96 how can I make...  View more

  • 1163 Views
  • 1 replies
  • 0 kudos

Setup LDAP search on IOS

I was in the process of setting up our LDAP server from JumpCloud and i got the LDAP search function setup in settings but when i add the LDAP to the IOS device the contacts show nothing. Just curious if i am doing this correct. Thanks!!  View more

b13e57e822e84f2bb739b0a14a614346
  • 542 Views
  • 0 replies
  • 0 kudos

A guide to JSS Azure AD integration (LDAP + SSO)

Hi, I see that a growing number of organizations are migrating on-premise AD to Azure AD. Therefore, I decided to share our experiences using Azure AD as a authorization provider for Jamf Pro. First, LDAP is necessary in order to get user and group l...  View more

03dfa2fbe27547df9a1ca2d1b67e0cdb dcdad853771e41f5b077a929324908fd 15bb057b69944d608279469a64a48b75 8cf67fda8e1d46a8b8f31c3c71c9fde1
  • 17246 Views
  • 59 replies
  • 31 kudos

Lookup of AD username from CAC EDIPI number

OK, guys, here's what I'm trying to do; if the method is obvious to anyone I would very much appreciate some pointers. I am trying to migrate a whole bunch of Mac users from being standalone, unconstrained computers, into the Navy's DP architecture. ...  View more

  • 2682 Views
  • 3 replies
  • 1 kudos

Validating AD Binding

I've been working on a script that validates if a Mac's binding to AD is still active or not. This is an issue that seems to be caused when the computer is off the corporate network at the time of kerberos key cycling, typically set to 14 days (see d...  View more

  • 2195 Views
  • 4 replies
  • 0 kudos

Jamf Console access through AD Groups

Hope someone can help.. maybe it is working as designed or maybe I did something wrong.. Hope someone can help me out.. I intended to grant our users access to the Jamf Pro console by adding AD User Groups. Now, we have different domains like emea.co...  View more

  • 1012 Views
  • 1 replies
  • 0 kudos

Restricting Network Account Login to Single User

Hi All, I found this article on here about restricting network groups: [https://www.jamf.com/jamf-nation/discussions/4591/restrict-logon-to-specific-active-directory-groups](link URL) Has anyone found a way to set the allow network logins to a single...  View more

  • 498 Views
  • 0 replies
  • 0 kudos

Connect LDAP with Jamf Cloud

I'm not sure how to put this or explain it, but going to try my best. We moved over from an on-premise server for JAMF Pro to the Cloud. We wanted to connect LDAP with the JSS to provide the option with authenticating to Macs through the DEP process....  View more

  • 5054 Views
  • 10 replies
  • 0 kudos

Using Okta as an LDAP source

I am in the middle of deploying a centralized Jamf Pro instance for a large disparate organization. We're talking 5 business units with multiple sub-organizations, ultimately leading to well over 150 different Active Directory forests with no trust b...  View more

  • 15925 Views
  • 27 replies
  • 2 kudos

Cache AD user profile on remote system

We have home shored users that are too far from an office so we ship the Mac to them. Since security does not allow users to give their password out we are unable to logon as the user to setup their mobile profile on the mac prior to shipping. We hav...  View more

  • 1600 Views
  • 2 replies
  • 0 kudos

LDAP Group added to Exclusions List not working

I'm running JSS 9.97.1482356336 and have certain software blocked - App Store, iTunes, AirDrop, through the Restricted Software settings.We have developers that require access to the App Store, so I have been adding their LDAP account to the Exclusio...  View more

0ab62024130c4e6babeae5e754299c7a
  • 971 Views
  • 2 replies
  • 0 kudos

Multiple LDAP Servers?

We might be adding in some users from another LDAP server—we've always had just one. Any gotcha's or things keep in mind as we look at implementing this?  View more

  • 1909 Views
  • 6 replies
  • 0 kudos

os-x integration with FreeIPA

I have "most" of this functioning. When logged in as a local user, users can kinit with LDAP username in terminal and pull a ticket. BUT - I have two issues (and they appear to actually be the same issue). User authenticates to LDAP at login screen. ...  View more

  • 1477 Views
  • 3 replies
  • 0 kudos

LSS 9.96 breaks some LDAP authentications

I have an LDAP server with an OTP back end, and my admin users authenticate via this server as LDAP users. Up to version 9.93 this worked perfectly. Something changed in 9.96 that broke this. What I've been able to determine via logs and tcpdumps is ...  View more

  • 496 Views
  • 0 replies
  • 0 kudos

Infrastructure Manager cannot bind to address

My setup involves a public IP address (13.93.87.150) that resides on the firewall, NAT'ed to a private IP address (10.0.0.6). It seems that ldap-proxy cannot bind to the IP address because it doesn't reside on the server. Which makes sense. We'd need...  View more

  • 2332 Views
  • 6 replies
  • 1 kudos

LDAP Proxy Server Not Finding Users

I have setup an AWS instance holding the NetBoot/SUS/LDAP Proxy appliance inside of a VPC that has a VPN tunnel to our network (long story short: we have an ldap proxy server running and have tested connections back and forth). We've tested to and fr...  View more

  • 564 Views
  • 0 replies
  • 0 kudos

Anyone using OneLogin vLDAP as a directory for the JSS?

Like the title says. OneLogin offers a vLDAP feature which will turn your OneLogin user directory into a cloud-based LDAP directory. It works 75% of the time but I've noticed that it will run into an error such as losing connection/not being able to ...  View more

  • 3962 Views
  • 19 replies
  • 1 kudos

How often does JSS query AD

What i'm wondering is how often does JSS query LDAP? We are having users transfer schools a lot but JSS takes days or longer sometimes to update that users INFO to the new School location we have set in our AD attributes that JSS looks at. There for ...  View more

  • 1880 Views
  • 8 replies
  • 0 kudos
Labels