We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.
We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.
Real talk, real tools and real-time support from people who get it.
Real answers from Apple Admins like you
Find your way around
Share your thoughts
Submit your idea
This guide will walk you through setting the local macOS account pictures for end-users via Jamf Connect Requirements: Jamf Pro Jamf Connect Formatted ID Token Path setup in Jamf Connect Login Config (/private/tmp/token) Azure Storage Blob Email addresses of users follow a pattern for all users (john.smith@myorg.com, jsmith@myorg.com, etc..) Tested with: Azure AD and Jamf Connect Test User: John.smith@ericsontech.com Steps: 1. First step is to get all of your user images. To make this easy on yourself name them the same as the user's email address. So for John Smith his email is john.smith@ericsontech.com I would name his image as john.smith@ericsontech.com.png and upload that image and all other user's images to an Azure Storage blob. Example: 2. Setup this script to run via Jamf Pro. I have mine setup to run via Jamf Connect Notify Note: You will need to update this with your Azure Storage Blob url curl -L "https://myazureblobname.blob.core.windows.net/mdm/$EMAIL.png" -o /tmp/$EMAIL.
Hello All! Our first Detroit Mac Admins meet up will be at Detroit Beer Co. on September 26th at 6pm. Join us to talk about all things Apple, as well as have a few drinks and some food. I plan on visiting the new Detroit Apple Store afterwards, which is only a few blocks away. See you there!
I (like others) use a smart group for students which lists devices that have “Apps Not In the App Catalog Are Installed”, in case some talented student is somehow able to download or sideload apps we don’t allow. I then use a configuration profile to hide all apps except those they downloaded/sideloaded, making their device near useless until they remove the offending app. Unfortunately with the iPadOS 26 update, Jamf Pro reports all the iPad default apps (camera, contacts, calendar, etc.) in the installed apps report. As these are default and can not be purchased through the app store, there is no way to add them to the app cataloge. So now every device that updates to iPadOS 26 will be considered to have unnauthorized apps on them. Not sure if this is a bug that Jamf will be able to fix, or if there is another work around to this.
Our school district would like to defer the upcoming macOS 26 upgrade (scheduled for release on September 15) but still allow security updates for macOS Sequoia. What is the best way to configure this in Jamf Pro so that the major OS upgrade is blocked, while security updates and minor patches for Sequoia remain available? Thanks
Has anyone had luck hiding the 4 slides that appear after an upgrade to Tahoe?
Howdy all, I am facing an issue that I can’t seem to solve with running Microsoft AutoUpdate via script from Jamf to keep our mac office apps updated. I have had this set up for several years and it had been working beautifully as a hands off solution. I am not sure exactly when it started failing, I recently noticed the problem and started digging into it. I am wondering if anyone is facing the same problem, or has advice on what to try. The setup is fairly simple, a policy that runs against a smart group of any macs with office apps that are not the latest version once a day. It runs a script to use the MAU command line msupdate to pull and install any available updates. Script is below, it only worked under user context originally so that is why it is set that way. The error I am seeing on every run now is related to the XPC connection, this happens on all clients no matter what, -reinstalled MAU with latest version, brand new mac build with latest install etc. I have the original P
Hey all, Wondering if anyone has any ideas on this? I am wanting to utilise SAM to lock down our iPads to a specific app. Trying to scope this through a department group but the device isn’t showing in the logs for the configuration profile. There are devices in there, just not the two that I specifically need. Both devices that aren’t showing in the logs are supervised and managed institutionally so unsure on what the issue is here… I have also checked to see if I can manually add the two devices but they are not showing when I try to search for them? Getting increasingly confused as the devices that are showing scoped currently, and are in the profiles logs, are NOT supervised...
Morning, Despite my best efforts i haven’t found a solution online so my question is, can i deploy an automator workflow i’ve created via Jamf Pro as some sort of policy of which i can then distribute to selected machines? Thanks
I have a Configuration profile to set the wallpaper to the corporate wallpaper, but that give error on MAC OS 26 Tahoe. Any one with the same problem?
Hi All, We have setup Jamf Pro SSO and Cloud idP for to EntraID. We then tried to use the EntraID groups for the targeting of applications/configuration profiles but they wouldn’t scope correctly. I logged a ticket with jamf support and their theory was that because we map UserPrincipalName (i.e. Full email address), this doesn’t match the username on the local account because it doesn’t support the @ symbol. Their suggestion is to drop anything after the @ symbol on the mapping but it’s not that simple as we use the full UPN for other configurations in Jamf. So i guess my question is does anyone else have iDP setup with Jamf and do you sync the full UPN and able to target users via EntraID groups? TIA.
We use Jamf Pro Cloud with Jamf Connect (for account creation + Entra ID password sync).After enabling “Use Self Service+ as the default end user app” in settings: Old Self Service was upgraded to Self Service+ on existing Macs Jamf Connect was removed, menu bar now has Self Service+ icon instead On new enrollments, we install Jamf Connect 2.45.1 → now it’s there alongside Self Service+ I can’t find clear docs on this — so: Questions: Is Self Service+ intended to replace Jamf Connect completely? If yes, should we skip installing Jamf Connect post‑enrollment? Or should we move to Jamf Connect 3.x? Any official migration guide for 2.x → 3.x with Self Service+? Any experience or official Jamf resources appreciated.
I’m trying to implement Jamf Setup Manager. I have everything aligned regarding the configuration profile and the Jamf Setup Manager PKG assigned as an enrollment package. But the PKG won’t install. I’m not seeing any logging or the app in the Utilities folder after enrollment. Any suggestions would be appreciated.
Earn a cool badge and Jamf Nation Reward Bytes for your published articles. We’re looking forward to your submissions!
1 Question Answered
216 Questions Answered
30 Questions Answered
17 Questions Answered
15 Questions Answered
44 likes
18 likes
17 likes
16 likes
14 likes
Learn about our customer advocacy program that celebrates our most passionate customers.
Join the community to receive product updates, and share feedback.
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
