Jamf Nation Community

obi-k · 2 weeks ago

In this scenario, which would you use?

• You're starting a new company in 2025

• Fresh Jamf Pro build

• Fresh Apple Business Manager

Do you use DEP Notify, Jamf Setup Manager, or something else?

https://www.jamf.com/blog/apple-device-enrollment-jamf-setup-manager/

markdmatthews · a week ago

We have moved to Jamf Setup Manager (https://github.com/Jamf-Concepts/Setup-Manager) + macOS Onboarding. We have provided some minor feedback, but overall we've been very pleased. Find more at https://www.jamf.com/blog/apple-device-enrollment-jamf-setup-manager/

View solution in original post

sdagley · a week ago

I'd definitely go with Jamf Setup Manager. Migrating our production enrollment process from DEP Notify to Jamf Setup Manager is one of my 2025Q1 projects. It's been working great in our test environment, just ran out of time to move it into production this year.

View solution in original post

danlaw777 · 2 weeks ago

having built a few instances from scratch and then adding on to it, here is what i would do.

create an ABM account for the environment and claim all domain emails.

build jamf up using a prestage account and link to ABM

once those are done create all the profiles and policies as well as smart and static groups

then i would configure jamf protect and ZTNA to meet all guidelines for the envirnment

finally i would start enrolling the macs

then i would start enrolling the macs/devices using only the domain emails

AJPinto · 2 weeks ago

I install necessary security software in the prestage or a policy with an enrollment trigger, ensuring it’s loaded before login. Jamf “Mac Apps” handles Office applications. Everything else is self-service.

I tried Jamf Setup Manager a few weeks ago, and I really did not like it. It feels really clunky, and why use things like it or DEP notifier if your devices are configured before your user can login?

mpermann · 2 weeks ago

I'm a fan of Baseline. It's very flexible and you can configure it very similarly to DEPNotify if you like. I have a GitHub project for folks that are used to using Jamf's DEPNotify-Starter script and want to convert over to using Baseline.

markdmatthews · a week ago

We have moved to Jamf Setup Manager (https://github.com/Jamf-Concepts/Setup-Manager) + macOS Onboarding. We have provided some minor feedback, but overall we've been very pleased. Find more at https://www.jamf.com/blog/apple-device-enrollment-jamf-setup-manager/

obi-k · a week ago

This is our most likely choice. Just curious what others were doing.

Did you move from DEP Notify or something else? Any gotchas?

markdmatthews · a week ago

We moved from DEPNotify; it was all pretty straightforward. The only gotcha (IF you weren't already doing it already) was how you "Exclude" certain policies during "enrollment" and still allow them to self-heal later etc

sdagley · a week ago

I'd definitely go with Jamf Setup Manager. Migrating our production enrollment process from DEP Notify to Jamf Setup Manager is one of my 2025Q1 projects. It's been working great in our test environment, just ran out of time to move it into production this year.

obi-k · Thursday

For the icons, what are you guys doing? Are you packaging the image files and deploying the package before the Setup Manager package?

Or is there a cheat sheet I'm missing for Installomater to link images? I saw the documentation to host your images with http/https.

I'm lazy. Just being honest. If there was a quick and dirty way to link your images, I'm up for it.

sdagley · Friday

@obi-k If you upload an icon in a Policy Self Service configuration you can use that URL for JSM. You can also upload something there that isn't an icon if you want to replace the default JSM suit & tie image.

obi-k · Friday

I changed the JSM header to "name:NSComputer" so it shows the computer type icon. I like it so far.

Tried to use the Self Service URL, but I get a question mark. Wonder if it's cause our Jamf is behind security stuff. To be sure, you're using the URLs in this screenshot?

Also, in my testing it is not consistent when JSM shows up. Sometimes it's before user login screen, sometimes after when the user gets to the Desktop.

sdagley · Friday

@obi-k Wrong URL. You need the URL for the icon associated with the Self Service policy, and that's in the "Icon" section between Notification and Categories on the Self Service tab for a policy. Once you have your icon uploaded and selected for the policy right-click on the icon and select whatever option will get the URL for the icon image (in Chrome that would be "Copy Image Address") then use that in your JSM configuration.

On the when JSM shows up you need to have the JSM .pkg installed as part of your PreStage Enrollment, and the Configuration Profile with your JSM settings needs to both be in the PreStage and scoped to the Mac you're running JSM on.

obi-k · Monday

@sdagley You deserve a coffee on me, my friend. Worked. Feel a little dumb now -- I think this was mentioned in the 200 or 300. Forgot. Works nicely!

mark_mahabir · a week ago

We've gone down the macOS Onboarding route (from DEPNotify) and that is good enough for us - I may look at Jamf Setup Manager somewhere down the line, but I don't have reason to just yet.

Jamf Nation Community

DEP Notify, or something else in 2025?