Help

Enable standard users to add Profiles

ardrake
New Contributor III

Posted on ‎02-01-2023 07:53 AM

Our wifi requires that a profile containing several certificates be installed, and Monterey+ requires admin credentials to do this.  This creates an unnecessary burden in the case of sysprep, changed passwords, and certificate updates. I'd like to allow standard users to add/remove profiles (that aren't managed by Jamf Pro).  I'd hoped this would be as simple as it was to enable standard users to modify date/time settings, but the "security authorizationdb" command did not work for Profiles.

Any suggestions would be appreciated!

0 Kudos
Reply
3 REPLIES 3

dolfhoegaerts
New Contributor III

Posted on ‎02-01-2023 09:09 AM

If it is just to add certificates for WiFi you should look into the AD CS connector and SCEP, with this integration you can push the certificate to the device with a configuration profile

 

https://docs.jamf.com/technical-papers/jamf-pro/digicert/10.40.0/Distributing_Certificates_Using_the...

Reply

ardrake
New Contributor III
In response to dolfhoegaerts

Posted on ‎02-01-2023 09:31 AM

Thank you for that suggestion.  That might just be the ideal solution here, if we can make that work.

0 Kudos
Reply

AJPinto
Honored Contributor III

Posted on ‎02-01-2023 09:58 AM

I dont think what you are asking is possible. However, there is no reason JAMF could not deploy the configuration profile containing the certificate or one that builds the certificate.

0 Kudos
Reply