Posted on 11-18-2020 10:20 AM
Hello, wondering if anyone has dealt with this ask, or a similar situation, before. We have been brainstorming but have not come up with a clean solution as of yet.
We want to only allow a device to connect to our on-prem Exchange/ActiveSync if it is enrolled in Jamf. I know this is easy to do with Intune. It is my understanding that this can be done with user certs, but Jamf ADCS cannot deploy user certs at this time. Has anyone else come up with a method of locking down ActiveSync only for Jamf devices? I am more familiar with Jamf than I am with the ActiveSync side, as we have the Exchange administrator managing that.
Thanks in advance
Posted on 11-19-2020 11:15 AM
You may want to discuss this with your Microsoft admin. Intune integration with Jamf can allow Microsoft Conditional Access to apply to your Jamf-managed devices (as well as Windows 10 & Android). This allows you to keep using Jamf, while Intune gets a minimal sync of data for compliance-checking.
Posted on 11-19-2020 12:11 PM
Thank you for the comment/information. Last I knew we did not have proper Intune licensing, but I will explore this option with management, as it seems like the most effective/easiest implementation.