We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.
We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.
Real talk, real tools and real-time support from people who get it.
Get answers from fellow admins
Find your way around
Share your thoughts
Submit your idea
I uploaded the Protect plan to Jamf Pro configuration profile. I was wondering if Protect also works on devices? I tried to upload the same file to the devices but it ends up failing. If there is any documentation for deploying to devices, please point me to it!
At some point in your career as an Apple Admin, you’ve (most likely) inherited a Jamf instance and said either to yourself or out loud, “Huh, I wonder why they did that. I certainly wouldn’t do it that way” or “That’s not the best practice I was taught”. Caveat: There’s no such thing as best practice. The better concept is defining the best practice for your environment . This is where you get to step in and be the hero. It’s your job to take the environment, back it up first. Make sure you backup your instance and sync it to your free Jamf sandbox (If you don’t have one, talk to your rep). Once you’ve backed up and sync’d to the sandbox, I hope you’re noticing the theme here…you can get started with the H.E.R.O. process. Something not mentioned is the process of writing documentation. DOCUMENT, DOCUMENT, DOCUMENT. Write down everything from the current state, proposed changes, changes you made (with dates), how configs work, workflow processes, and everything else. The 1st thing after
I’ve got a weird issue with MS Defender Configuration Profiles applying/Un-applying intermittently. As part of our enrollment process we install MS Defender and apply Configuration Profiles. This has been working fine for close to 12months. Now for some reason even though the Configuration Profiles are still applying (You can see them in Device Management). The configuration doesn’t always apply even when it does apply the settings can stop taking affect shortly afterwards. Device Management still has the Configuration Policies applied. I’ve tried downloading fresh configurations, onboarding etc. from Microsoft with exactly the same result. Has anyone else seen this?
I am trying to package up Mudbox 2026 using below script. However the app does not install when I run the package for Mudbox. Any ideas? #!/bin/bash #Copy installer app from .dmg to /tmp #Modify values below as necessary (Usually: year and pKey) #Set variables year="2026" pkgPath1="/private/tmp/InstallMudbox2026.app/Contents/Helper/Packages/Mudbox/Mudbox_core2026.pkg" pkgPath1="/private/tmp/InstallMudbox2026.app/Contents/Helper/Packages/Licensing/AdskLicensing-15.1.0.12339-mac-installer.pkg" pkgPath2="/private/tmp/InstallMudbox2026.app/Contents/Helper/Packages/Licensing/adskflexnetserverIPV6.pkg" pkgPath3="/private/tmp/InstallMudbox2026.app/Contents/Helper/Packages/Mudbox/Mudbox_AdLMconf2026.pkg" pkgPath4="/private/tmp/InstallMudbox2026.app/Contents/Helper/Packages/Mudbox/Mudbox_core2026.pkg" mudboxpKey="437R1" networkServer="Network License Server" mudboxlicPath="/Library/Application Support/Autodesk/AdskLicensingService/${mudboxpKey}_${year}.0.0.F" mudboxlicFile="LICPATH.lic" mudboxl
As I'm writing articles, I'll update this page with the latest articles: Updated 23SEPT2024 What is Platform Single Sign-On - An overview of the technology and how it works https://community.jamf.com/t5/jamf-pro/what-is-platform-single-sign-on/td-p/320251 Configure PSSOe for Microsoft Entra ID Jamf Technical Guide: https://learn.jamf.com/en-US/bundle/technical-articles/page/Platform_SSO_for_Microsoft_Entra_ID.html Sean's first draft guide: https://community.jamf.com/t5/jamf-pro/configure-platform-single-sign-on-pssoe-for-microsoft-entra-id/td-p/320252 Configure Kerberos SSO with Microsoft Entra PSSO - https://community.jamf.com/t5/jamf-pro/configure-kerberos-sso-for-microsoft-entra-platform-single-sign/m-p/323781#M278609 Some sample .mobileconfig files for you to modify - https://github.com/sean-rabbitt/jnuc-2024 Configure PSSOe for Okta Identity Engine https://community.jamf.com/t5/jamf-pro/configure-platform-single-sign-on-for-okta-identity-engine-with/m-p/320483#M277239 End user exp
Hey folks, I worked on a script to deploy Autodesk 2026 (the one that uses the named user licenses). We don’t teach Mudbox, so that isn’t in the script...but Maya and AutoCAD is (along with Darwin..what a PIA to get working). I packaged the apps and deployed to /private/tmp/AutodeskApps… I have a lot of logging left in the script as Darwin is a royal pain and can fail at many different steps. I also made use of a lot of variables to hopefully make updating in the future easier. Oh, also did it in zsh. Hope you all find it useful, or at the very least, a good jumping off point! #!/bin/zshset -euo pipefail ############################# VARIABLES############################YEAR="2026"TMP="/private/tmp"APP_TMP="${TMP}/AutodeskApps"LOG="/var/log/autodesk2026_install.log" DMG_LIST=( "Autodesk_Maya_2026_1_Update_ML_macOS.dmg" "Darwin.dmg" "AdskIdentityManager-UCT-Installer.dmg" "Autodesk_AutoCAD_2026_macOS.dmg")PKG_FILE="AdskLicensing-15.4.0.13093-mac-installer.pkg"INSTALL_SUMMARY=() log() {
Hello,I just set up SSO in Jamf Account.I'm not sure where I need to grant administrator privileges to your Identity Provider (IdP) to configure a connected app and assign the relevant users and groups.
When adding apps to Self Service (or even Self Service+) via Mac Apps, the applications descriptions are in German. I’ve ensured that English is set to the preferred language and enabled location service. This is being run on a test VM but I can’t for the life of me figure out why this would be the case?
Hi everyone, I’m currently exploring the possibility of deploying Jamf Connect in our organisation. I have setup the SSO in Jamf Account to point to our EntraID tenant and it’s working fine to login users in both Jamf Account and Jamf Pro Cloud. All the documentation seems to suggest that I need to configure another app in Entra ID to allow Jamf Connect to authenticate users but since Jamf has introduced the Jamf Account OIDC SSO to try and harmonise things, I’m wondering if I can just point Jamf Connect at that rather than creating a new app. Can this be done or am I misunderstanding how the OIDC SSO connection works in Jamf Account? Thanks, Kieran
HI Jamf Nation, I was wondering if there is already a Jamf Group dedicated to Mac admins in the LATAM region. I might have missed it, or perhaps it hasn’t been created yet. If it doesn’t exist, I’d love to explore how I could start one to help foster conversations and collaboration among admins based outside the US and APAC. Thanks again for all your support, and best of luck with the new Jamf Nation experience.
Question for how/if we have controls to deploy a specific app version to iPads. We have a couple applications we use and work closely with the developer and schedule when we make the update available on our EFB iPads. We use the check boxes ‘Schedule Jamf Pro to automatically check the App Store for app updates’ and ‘Force App Update’ to accomplish this. Today is the first time we noticed a different version was installed than what Jamf Pro is reporting as available. This is what is showing under Mobile Device Apps. Does it always install the newest version of what’s available in the Apple store via Self Service regardless of what Jamf Pro is reporting? When looking at the Inventory for the iPad we see that 10.5.1 was installed.
CIS 1 Allow Touch ID to unlock your mac what needs to be deactivated? Hi Hope you can help, how do we allow users to use Touch ID rather than the full password each time sleep is activated. What needs to be unticked in the list of Managed Rules in compliance? Thanks
Hi, I recently set up a new Windows Distribution Point and am now trying to connect to it via the Jamf Sync App, but cannot get a connection. I see the DP in jamf sync, but it only asks for a password, not for a username. No matter what password I use I always get the error Message “Failed to load the … distribution point: cannotGetFileList” Unfortunately the new jamf support is pretty useless as there is not more option for me to communicate in english. All communication is automatically translated to german, but the translation is not that good so I often dont quite get what the supporter wants to tell me. Just english would be much better for me.
Hi all, I try to create a user level configuration profile for ethernet (for 802.1x LAN authentication).So basically, the same we already use for WiFi. We currently use a computer lvl profile, which works without issues. But have to change it to user lvl because of the strong auth change Microsoft enforces soon. The settings should work but as soon as I click on save, the network payload vanishes. Without an error or any explanation… As said before, the WiFi profile (also user lvl) works like a charm. Any tips on why this might happen? BR Thomas
Earn a cool badge and Jamf Nation Reward Bytes for your published articles. We’re looking forward to your submissions!
216 Questions Answered
30 Questions Answered
17 Questions Answered
15 Questions Answered
18 likes
15 likes
13 likes
10 likes
Learn about our customer advocacy program that celebrates our most passionate customers.
Join the community to receive product updates, and share feedback.
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.