2020 Apple/JAMF Goals

New Contributor III

As we start to gear up for next year. From an Apple enterprise environment, what is everyone looking to accomplish for the following year? Any major upgrades or new implementations? Any new technology you are introducing. What were the major things you have accomplished this year? This might help give each other new ideas on making our current environment better.


Valued Contributor II

While I am all on board for this topic.. for me it usually is just waiting for Apple to deliver on last years WWDC announcements.


Valued Contributor III

I'll take the bait on this one:

What are you looking to accomplish? This question should rock most IT folks to the core of what your business/institution is all about. To get to the heart of that one, consider reaching out to your end users who deal with your customers/patrons and find out what is standing in their way technology wise and try to figure out how to solve it if possible. In my environment, our biggest headaches are web filters, users having too many accounts and passwords to remember, deadlines, incompatibility issues, etc.

Occasionally a boneheaded move on my part my end up may cause detriment. I remember on the first week of school a small mistake I made caused folks to lose all their apps on the iPads they just set up...yes I confess this, but I have to learn from what went wrong and take it forward. No malicious intent...I was trying to deliver Managed Apple IDs with Azure integration properly and made an unforeseen mistake when linking the JSS to Apple School Manager...luckily it got corrected within a couple of days and exposed other things that we wouldn't have seen otherwise. I used that as an opportunity to delve into whether our PowerSchool records were accurate for our users.

You also have to consider management constraints and expectations. If management says you have to implement a new web filter to replace one that is not serving well, you figure out how to make it work as best you can in your environment.

In short focus on what your end users and management want as a whole and deliver additions to your environment that fill those needs. It's also important to work with your management to understand the situation ahead of time so they don't ask you for something you cannot deliver. For instance, trying to manage iOS devices exactly like a computer would be managed. You can only work within the constraints of what is possible...in this case, it's not and I frequently have the not-so-fun job of pointing out exactly why something cannot be accomplished with good documentation to back it up.

New tech we have introduced this year:

Fully implemented Apple School Manager and brought managed Apple Classroom classes, Apple Schoolwork and the benefits of a 200 GB iCloud account to our end users. No longer will I have to hear that 5 GB isn't enough storage to backup mobile devices.

As part of the full implementation of Apple School Manager, we leveraged a brand new feature of Apple's that allowed us to use Azure accounts for Single Sign On. In short, our end users creds are always the same as their managed Apple ID. For those that need freedom to download from the App Store, they are able to use a personal account to do so or request the App be added to Self Service. I'm hoping to take this a step further once the App Request portal capabilities of Jamf Pro get tweaked just a bit. (Please let app requesters be a smart group not a static group if Jamf folks are reading this. We wish to turn requests over to a large group, but keep a small approvers list.)

On the Mac side of the house, we delivered 10.14 upgrades this summer and almost have upgrades delegated to be a user-facing task, not an IT one.

I listened to the end users in our RadioTV labs and music labs and was able to deliver an elegant solution to allow our RTV center to bring 4K video into the equation and new recording hardware in the music labs.

We also began testing our new teacher laptop deployment, and I have spent quite a bit of time obsessing over the docking stations used in some of our newer classrooms. We had a new school come online this summer and a new career academy open up.

Given our users requirements at various places in the district for Adobe stuff, we had to jump head first into Adobe's new Creative Cloud Shared Device Licensing model and were finally able to spin up everything needed to pull that off in time for school to open.

My thoughts:

Some of this stuff sounds stale/boring/evolutionary-not-revolutionary honestly...Apple School Manager/Classroom had been out for a while, but we realized we weren't using it efficiently simply because we didn't want yet another set of login creds for our kids. With the Azure Single Sign on, that became more palatable and we realized the benefits of fully using it outweighed our previous policies to not use it fully.

Adobe's Shared Licensing was something we knew was coming, but we had little way to kick the tires on without a lot of work this summer.

10.14 has been out since last year at this time, but given that we built machines for people last summer, I didn't have it yet other than as a beta. I'm actually already starting the process of getting full support for 10.15 (not zero day, but hopefully during the same semester for early adopters).

I think I am most proud of our hardware refreshes and future plans for operating systems. Sounds boring, but I enjoy actually taking a class period to open a dialogue with our teachers about what they want in a new lab (given budget constraints). Many times those "would like to haves" are fairly easy to grant when I try to work with the staff. (The 4K video capability) Some of those sessions caused me to write more relevant Self Service policies that save a work ticket here and there. I've learned that sometimes the expectation is for me to take a more active role managing some groups of machines and a lighter touch on others.

Testing our new docking stations sounds boring, but I found a great new docking station for the new MacBook Air that really makes maximum use of the new A/V system installed in some of the new classrooms constructed in our district....only problem...I found that the docking station I'm considering requires half a brain cell to get a machine docked properly. Given that, I had our building tech perform some simple sociology experiments with our end users to see if the one I found is going to work or whether it will generate unnecessary work tickets.

In short nothing great big and timely, but the big stuff has a way of working itself in..usually as part of solving our staff and students' needs. Hopefully your end users/management can help you to answer this question properly for your organization.

Valued Contributor

I'd love to implement the Single-Sign on solution so when a user signs into the computer, he/she will automatically be signed into every Microsoft application. (onedrive, outlook, skype, teams etc)

I'd like to implement is performance testing, I want to be able to run a program or script that gives me a decent overall representation of the computers performance doing standard workflow tasks.

Automatic user data backup without a massive performance hit. Hey I love to dream.

Valued Contributor III

Amen to all of those.

The second one you can kinda do with Geekbench, but its too theoretical for my liking.

New Contributor III
  • More automation leveraging APIs
  • Configuration management - while JAMF has configuration profiles, etc. need something like SALT or similar to enforce that a system doesn’t deviate and automatically is remediated.
  • Need better management of sudoers, pf, and other config files
  • 10.15 readiness
  • Backup/restore script to handle replacement computer distribution more efficiently.


Contributor II

In the coming year
- replacing 150 end of life devices, which will then make us a 100% DEP environment.
- doubling the number of iPads in our school to make our K-6 section fully 1 to 1
- fully integrating OKTA in our school
- full network upgrade - new switches and Access Points

what i'm proud of accomplishing this year
- Fully rebuilding our Jamf server from scratch in Jamf cloud after a massive database corruption/backup failure with our onPrem. from the moment of failure to being 100% again took me 1 week. It was a slog but i'm happy to have everything running properly following good workflows and more up to date best practices
- fully automating DEPnotify into our setup process
- really stepping up my scripting game from practically 0 knowledge
- finally replacing all our old SMART board projectors with new promethean TV boards

New Contributor III

What I need from Jamf - Better tools for configuration management SALT, Puppet, Chef, Jamf is very good but the binary can do more...
I need more direction from Jamf on Apple Initiatives ( SysadminCtl, Z Shell, PPC Management to name a few)
I need a clearer channel to Level II support. My questions are 98% never handled by level 1 why can't have an escalation path
I need A LOT more 10.15 readiness information. I am testing on my own but it would be nice if Jamf provided some guidance on what Apple has told them to do.
I need a methodology for Jamf to Auto Update apps without my interaction ( Chrome, Firefox, Flash Player, Etc) I have relied on scripting and I would like to rely more on the JSS>

Honored Contributor

Data, everything you do should be in some sort of data store. Collected, correlated, parsed, questioned, and so forth. Integration is the how you do this. Many different tools provide many different sets of valuate data. However, how do you centralize, contrast, and compare? How do you make decisions based on data, and not from best guesses, gut feeling, or just maybe personal opinions? My goal is to get centralized data from many data points and compare them, vet them, validate them, and plan accordingly based on the data presented.