Just wondering if anyone has figured out how to enable S/MIME in an Exchange profile that is distributed via MDM (Casper).
If I enable S/MIME in the profile it asks me to provide a certificate. Obviously I don’t want a different profile for every user. If I keep it set to none, and have the user manually install their certificate, the cert installs fine, however, the setting to select a certificate is greyed out. So the user is able to read encrypted messages, but cannot send encrypted messages.
Am I missing something?
@TreviñoL It's not about Certificate Login. It's about signing and encrypting mails.
It seems to be an issue of how the Profile itsself is handled. JAMF has opened a RADAR Ticket for this issue. 32947989.
I asked them to put it on openradar now, maybe we can see it publicly.
If you want more info about all that, contact me using slack. (same nickname).
guess I'm a little late.. but I just found the solution for the S/MIME problem..
It seems like Jamf just isn't using all the available parameters for Mail settings.
Solution is pretty simple..
1) Download the Software Profile Creator
(Big Sur Version is working fine, you'll might have to join the Mac Admins Slack)
2) Export your current mail configuration profile from Jamf
3) Import the configuration profile into Profile Creator
4) Edit all the additional options Jamf "forgot":
(attached screenshot is for IMAP, Exchange has mostly the same options))
5) Save the profile and sign it (so Jamf won't change anything when importing it)
6) Import configuration profile to Jamf and deploy it
Hope this helps other stressed out Jamf admins.. ;)
Greetings from Germany