Help

Compliance device info: Jamf -> Intune Endpoint -> Azure device

KaizenRicky
New Contributor

Posted on ‎06-07-2023 09:15 AM

Hi,

I'm looking for a bit of specific information around how device info travels between Jamf, Intune and Azure.

We have a client using compliance via InTune on Macs, they're questioning why the three locations are showing different levels of info and therefore different compliancies. 

 

My understanding is that the flow of information goes:

A change in device info during a Jamf Inventory triggers a sync to InTune

Whilst this info is then stored in InTune, it's not used for Compliance. InTune collects it's own data via Company Portal for that (OS, Encryption, etc)

Then 'eventually' Azure receives the info - from a mystery source.

 

Am I mistaken? I can't find this in any Jamf/MS documentation, so if anyone is able to shed any light on it, I'd be grateful.

 

Thanks

0 Kudos
Reply
1 REPLY 1

sdagley
Esteemed Contributor II

Posted on ‎06-07-2023 11:07 AM

@KaizenRicky The older "Conditional Access" model fed device inventory from Jamf Pro into Intune for compliance evaluation. That model is bring retired by Microsoft in favor of a new "Device Compliance" approach where the compliance evaluation is done via a Smart Group in Jamf Pro. The data sent from Jamf Pro to Intune with this approach consists of the Smart Group membership for the group of Macs which are subject to the Device Compliance criteria, and  the membership of the Smart Group that evaluates a Mac for compliance.

0 Kudos
Reply