Hello Jamf Nation!We have several exciting new features including new Login functionality, Managed Software Updates enhancements, Packages page redesign, and more! You can find more information in the release notes when you enroll.Starting with the J... View more
I haven't completely tested this yet, but has anyone else had issues with password syncing when password changing with AD bound high sierra macbooks? I recently changed my own account, and it didn't sync back to active directory... and I am wondering... View more
Hello, I've got two questions about scoping mobile device apps. Can I set up multiple scopes to a single app? So far, it seems to be one way or the other. I want to be able to automatically install an app for some device-based or user-based scoping, ... View more
Hi, I see that a growing number of organizations are migrating on-premise AD to Azure AD. Therefore, I decided to share our experiences using Azure AD as a authorization provider for Jamf Pro. First, LDAP is necessary in order to get user and group l... View more
Hello! After our 4 hour migration call, we've hit a hang up with migrating to JAMF Cloud, particularly with adding a new LDAP Server. (To preface this, we had JAMF on an on-prem server before, but have imported everything to Azure AD.) When we select... View more
OK, guys, here's what I'm trying to do; if the method is obvious to anyone I would very much appreciate some pointers. I am trying to migrate a whole bunch of Mac users from being standalone, unconstrained computers, into the Navy's DP architecture. ... View more
I've been working on a script that validates if a Mac's binding to AD is still active or not. This is an issue that seems to be caused when the computer is off the corporate network at the time of kerberos key cycling, typically set to 14 days (see d... View more
Hope someone can help.. maybe it is working as designed or maybe I did something wrong.. Hope someone can help me out.. I intended to grant our users access to the Jamf Pro console by adding AD User Groups. Now, we have different domains like emea.co... View more
What is the correct LDAP attribute to enter in the JSS LDAP Email Mappings field? I've tried EMailAddress but that is not working. View more
Hi All, I found this article on here about restricting network groups: [https://www.jamf.com/jamf-nation/discussions/4591/restrict-logon-to-specific-active-directory-groups](link URL) Has anyone found a way to set the allow network logins to a single... View more
I'm not sure how to put this or explain it, but going to try my best. We moved over from an on-premise server for JAMF Pro to the Cloud. We wanted to connect LDAP with the JSS to provide the option with authenticating to Macs through the DEP process.... View more
I am in the middle of deploying a centralized Jamf Pro instance for a large disparate organization. We're talking 5 business units with multiple sub-organizations, ultimately leading to well over 150 different Active Directory forests with no trust b... View more
We have home shored users that are too far from an office so we ship the Mac to them. Since security does not allow users to give their password out we are unable to logon as the user to setup their mobile profile on the mac prior to shipping. We hav... View more
Hi all. Having a major issue with Casper Admin and LDAP users. Our organisation has a password policy that stipulates the use of special characters. This is causing us major issues. Example - a user is imported into the JSS and then launches Casper A... View more
I'm running JSS 9.97.1482356336 and have certain software blocked - App Store, iTunes, AirDrop, through the Restricted Software settings.We have developers that require access to the App Store, so I have been adding their LDAP account to the Exclusio... View more
We might be adding in some users from another LDAP server—we've always had just one. Any gotcha's or things keep in mind as we look at implementing this? View more
Our company has made the decision to migrate our On Premises (Currently on v.9.96) to the Cloud Hosted JSS instance. We are slowly integrating Macs into the Enterprise environment with almost 280 Macs globally (North America, Europe, and Asia) and wi... View more
I have "most" of this functioning. When logged in as a local user, users can kinit with LDAP username in terminal and pull a ticket. BUT - I have two issues (and they appear to actually be the same issue). User authenticates to LDAP at login screen. ... View more
I'm attempting to make a policy available to only faculty members at a few of our schools. I've got the policy set up to run once per computer with no trigger, available in Self Service, and targeting to all computers and all users. Set up like this,... View more
I have an LDAP server with an OTP back end, and my admin users authenticate via this server as LDAP users. Up to version 9.93 this worked perfectly. Something changed in 9.96 that broke this. What I've been able to determine via logs and tcpdumps is ... View more
I have been looking for the best way to maintain accurate User and Location records for computers in the JSS and have a script written to help achieve this. This is all in the attempt to have accurate information for user level SCEP requests. #!/bin/... View more
Ok, I’m working on setting up our Macs to authenticate to our Novell/NetIQ/MicroFocus eDirectory via pure LDAP. We’ve used Condrey/Novell’s Kanaka in the past, but the server part had a bad habit of ceasing to respond at random intervals. All we were... View more
My setup involves a public IP address (13.93.87.150) that resides on the firewall, NAT'ed to a private IP address (10.0.0.6). It seems that ldap-proxy cannot bind to the IP address because it doesn't reside on the server. Which makes sense. We'd need... View more
Foxpass has a great article about integrating with the JSS View more
I have setup an AWS instance holding the NetBoot/SUS/LDAP Proxy appliance inside of a VPC that has a VPN tunnel to our network (long story short: we have an ldap proxy server running and have tested connections back and forth). We've tested to and fr... View more
Like the title says. OneLogin offers a vLDAP feature which will turn your OneLogin user directory into a cloud-based LDAP directory. It works 75% of the time but I've noticed that it will run into an error such as losing connection/not being able to ... View more
What i'm wondering is how often does JSS query LDAP? We are having users transfer schools a lot but JSS takes days or longer sometimes to update that users INFO to the new School location we have set in our AD attributes that JSS looks at. There for ... View more
https://github.com/andrewseago View more
Are there any topics or questions people would like to see addressed as part of this session? View more