I'm relatively new to Jamf and taking over a system three years in development by our previous Mac admin, and I was wondering if anybody had any tips on best practice for AD enrollment and then checking for any Macs that drop off, with a mechanism for automatic re-join?
We have a setup at the moment that deploys an initial policy with a directory binding payload, and then a system whereby a script is run to re-bind the Mac should it drop into one of several computer groups based on a "joined to AD" extension attribute.
That extension attribute is proving troublesome however as it has stopped populating via our api script (case open with Jamf at the moment).
However while I'm poking around with that, I was wondering how other folks handle this? We're an educational institution with a large amount of labs, so I was hoping to streamline and make this as efficient as possible.
Out of curiosity, David, you mentioned using configuration profiles instead of policies and EA... is there a setup guide i could have a look at kicking around anywhere? Do you configure one profile to join the Mac and then leave it at that, or do you have any checks in place to re-apply, etc?