Azure Entra, JAMF Pro/Connect and Macs

SDSAdmin
New Contributor II

Greetings, our company uses Entra ID for IAM. We are trying to get compliant for CMMC and need to use Entra profile credentials to start logging into our macs and need those logins to be traceable. I tried setting up setting up some of the configurations and honestly Ive had to jump from one article to another trying to figure out what needs to be done. Does anyone know of any resources, videos or step by step guides that can help me achieve what I should be doing? We also want to utilize Intune as our MDM platform and use JAMF to trace the identities and their activities on the MACs. any guidance on this would be greatly appreciated. 

Thanks  

1 ACCEPTED SOLUTION

jamf-42
Valued Contributor II

this may assist with compliance https://github.com/usnistgov/macos_security and this establishing-compliance-baselines

if your a Windows shop.. with limited JAMF knowledge.. it would be wise to get consultancy... and get it setup correctly.. once.. and build from that.. its not quick or simple task to re-engineer 

View solution in original post

7 REPLIES 7

jamf-42
Valued Contributor II

We also want to utilize Intune as our MDM platform and use JAMF....

You can only have one MDM for Macs.. so its JAMF or Intune as the MDM.. 

SDSAdmin
New Contributor II

JAMF to trace identities. Intune to manage devices. Because we are a Microsoft only shop so we know Intune better than we know JAMF MDM. unless this isnt recommended 

jamf-42
Valued Contributor II

its not possible.. you can only have one MDM.. so you use Intune and enrol with that OR you enrol with JAMF.. 

SDSAdmin
New Contributor II

I see, but can we use JAMF Pro as primary MDM and integrate with Intune to enforce compliance for conditional access?

jamf-42
Valued Contributor II

exactly that.. 

jamf-42
Valued Contributor II

this may assist with compliance https://github.com/usnistgov/macos_security and this establishing-compliance-baselines

if your a Windows shop.. with limited JAMF knowledge.. it would be wise to get consultancy... and get it setup correctly.. once.. and build from that.. its not quick or simple task to re-engineer 

SDSAdmin
New Contributor II

yes, I was under the same impression that working with JAMF MDM is not going to be as easy as Intune for us and this will definitely cause delays. I greatly appreciate your help and correcting my misunderstanding on this