Posted on 02-01-2023 07:53 AM
Our wifi requires that a profile containing several certificates be installed, and Monterey+ requires admin credentials to do this. This creates an unnecessary burden in the case of sysprep, changed passwords, and certificate updates. I'd like to allow standard users to add/remove profiles (that aren't managed by Jamf Pro). I'd hoped this would be as simple as it was to enable standard users to modify date/time settings, but the "security authorizationdb" command did not work for Profiles.
Any suggestions would be appreciated!
Posted on 02-01-2023 09:09 AM
If it is just to add certificates for WiFi you should look into the AD CS connector and SCEP, with this integration you can push the certificate to the device with a configuration profile
Posted on 02-01-2023 09:31 AM
Thank you for that suggestion. That might just be the ideal solution here, if we can make that work.
Posted on 02-01-2023 09:58 AM
I dont think what you are asking is possible. However, there is no reason JAMF could not deploy the configuration profile containing the certificate or one that builds the certificate.