We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.
We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.
Real talk, real tools and real-time support from people who get it.
Real answers from Apple Admins like you
Find your way around
Share your thoughts
Submit your idea
We just got the Jamf AD CS Connector set up for our environment. It's awesome considering we were using an ancient, user-initiated script through Self Service for a long time to accomplish the same thing. However, I am wondering what the best practice is for pushing the wireless config during or after enrollment is. As part of our zero touch efforts, we have the user enroll using our guest wifi network when on site. I'd like to get the wifi profile installed as close to enrollment time as possible so when it does its post-enrollment tasks (installing security software, settings, etc) it will pull from on-site distribution points rather than our Internet facing distribution point. Has anyone had success with this? I seem to find myself getting railroaded installing this profile as it either interrupts the enrollment or post enrollment when it automatically switches from our guest network to the corporate network. Thanks in advance for any thoughts.
I have a script that worked before OS15.5. After updating to OS15.6, the script became abnormal. Even if it connected to the allowed SSID and obtained the IP address, it would turn off and on WIFI infinitely. The following is the script. Thank you for your help~~ #!/bin/bashallowed_ssids=("SSID_1" "SSID_2")wifi_port=$(networksetup -listallhardwareports | awk '/Wi-Fi|AirPort/{getline; print $NF}')[[ -z "$wifi_port" ]] && exit 1 lockfile="/Library/Application Support/JAMF/.wifi_cleaner.lock"mkdir -p "/Library/Application Support/JAMF"if [[ -f "$lockfile" ]]; then pid=$(cat "$lockfile") if ps -p "$pid" > /dev/null; then exit 0 else rm -f "$lockfile" fifi{ echo $$ > "$lockfile" trap 'rm -f "$lockfile"; exit' EXIT INT TERM check_and_clean_ssid() { local connected_ssid=$(/usr/sbin/ipconfig getsummary "$wifi_port" | awk -F ' SSID : ' '/ SSID : / {print $2}') local ssid_list=$(networksetup -listpreferredwirelessnetworks "$wifi_port" | tail -n +2 | sed 's/^[[:space:]]*//') is_allowed() { local
Hi,We’re using Jamf Radar and I created a group where internet access should be completely blocked except for a few allowed sites (internal tools and Jira, mostly). At the moment, full blocking works as expected. I then added some test domains under Custom Rules with "Allow" selected, but they’re still being blocked. What’s strange is that a domain like reddit.com, which is allowed via a custom rule inherited from the root level, works fine. But any domain added directly at the group level doesn’t work, even if the rule looks identical. Is there a known issue with group-level custom rules not applying correctly?Is there a better way to block all internet traffic for a group and only whitelist a few domains? Thanks,Michał
JNUC Attendees volunteer to pack STEAM kits that will be donated to students of Hamilton Middle School, part of the Denver Public Schools. When: Monday, October 6 (Day before JNUC Keynote), 7am-7pm Where: Colorado Convention Center 700 14th Street Denver, CO 80202 - Near Registration, 2nd floor How: Assembly line style, “packing with a purpose” provided by the Happy Hope Foundation. About the school: Title 1 school located in Southeast Denver serving nearly 650 students in 6th-8th grade. More than 65% of students are eligible for free or reduced lunch, over 70% identify as a race other than White, 48% are multilingual learners, and 15% have Individualized Education Programs (IEP). Hamilton Middle School has partnered with community organizations to ensure a safe and welcoming environment for both students and families, in alignment with the school’s vision of serving the Whole Child, Every Child.
I am running into this issue where after pushing an app, updating inventory or enrolling a device, the apps are going straight to the failed command list and display the “No license was found for app”. I have tried wiping and re-enrolling, updating OS, restarting, sending a blank push, or update inventory command but the issue persists. I check the apps and we do have enough licenses available. Any solutions or ideas on what can be causing this? Thanks
Heads up to my fellow Jamf community. We've been seeing iPadOS 15.8.4 iPads when reprovisioned can't be enrolled to Jamf School. This may affect Jamf Pro too. The exact error is "Failed to retrieve configuration". I reached out to Jamf support and they said they have been getting reports of this from others and that this has been observed across different MDM providers. Jamf reached out to Apple regarding this issue and this is exactly what they told me: Apple did get back to us just a bit ago, and they have identified the issue (they did not elaborate on what the issue was). The release is not ready yet though and at this time they couldn't give me an ETA on when that would release. For now I created an internal Jamf Product Issue so we can track customers and I have attached this case to that ticket (PI136109). Hopefully an update that fixes this issue will come out soon. Jamf did say that they could reproduce my issue but had mixed results as one test iPad had the issue but another
Trying to install Chrome for Mac using the app installer. When it installs, chrome will no allow me to update manually. If I manually install chrome, then there isn’t an issue. I do not have a configuration profiles loaded for chrome.
Join us for the Jamf MSP Exchange Meetup - Q3, a dynamic virtual meetup series crafted specifically for our global Jamf MSP community. This quarterly gathering is your premier opportunity to connect, learn, and grow alongside fellow Jamf Managed Service Providers. In this meetup we will cover: Product updates from Kristen Chambers (Sr Manager, Channel Sales) and Yannis Lagogiannis (Sr Director, Product Strategy, Channel) Deep-Dive into Jamf Security Cloud Portal from James Mack (Sr Sales Engineer) Introducing iEnterprise Support Solution from Mike Knowles-Leak (Sales & Partnership Lead, Streamline Digital) Jamf MSP Guest Speaker ⭐️ REGISTER HERE AMER: Tuesday, September 9 | 12:00 pm - 1:00 pm CDT EMEIA: Tuesday, September 23 | 2:30 pm - 3:30 pm CEST Reminder: This is only available to certified Jamf MSP Partners. Please be sure to register for the meetup in your region.
Mac Admins India Connect is more than just a meet-up, it’s a movement. This conference was built by and for the growing community of Apple IT professionals across India. This event is the country’s first dedicated space for those who manage, secure, and support Apple devices at scale in order to meet and learn from one another in a larger scale, one day event. We’re so excited and still buzzing from our inaugural event, and we’re excited to keep it going for next year! Why We Started This India has long been a powerhouse for Apple device management, with admins supporting businesses and schools not only locally, but across the globe. That changed with the formation of Mac Admins India which is a grassroots tech community born on a Google group, and eventually, into real-world meetups. And now, with Mac Admins India Connect, we’re taking it one step further: an annual gathering to celebrate our craft, share our stories, and inspire each other. By the Numbers: 👥 160+ attendees 🏢 80+ or
I am attempting to import a new VPP token that I have downloaded from Apple business manager. Every time I try to do this, I get an error saying "The file received was not valid". I have tired using a different web browser. I have rebooted Jamf Pro, and I rebooted the entire Ubuntu server VM. The Jamf Pro server log does show an error at the time I attempted to import the token. I have an open case with Jamf for this, but if anyone knows how to solve this, that would be wonderful 😊
Hi everyone, I’m trying to set a default font in Microsoft Outlook (macOS) using Jamf Pro, and I’m running into some trouble. By default, Outlook uses Aptos, but I’d like to change it to Book Antique, which is already available on the device. What I’ve tried: I attempted to use the 3rd-party tool OutlookFontPoke by Paul Bowden @ Microsoft. Here’s what I did: • Deployed the OutlookFontPoke script and TemplateRegDB.reg via a package (both located in /private/tmp/OutlookFontPoke-master). • Created a policy in Jamf that: • Extracts the current logged-in user • Fixes permissions • Run the command as that user: sudo -u "$loggedInUser" /private/tmp/OutlookFontPoke-master/OutlookFontPoke 'Book Antique' '11.0pt' 'black' Issue: Despite several variations of the above, I keep getting this error in the script logs: WARNING: Registry DOES NOT exist at path /Library/Group Containers/UBF8T346G9.Office/MicrosoftRegistrationDB.reg. Attempting to create... mkdir: USER/Library/Group Containers: No such f
We are deploying ClearPass OnGuard to our macOS fleet using Jamf Pro. The ClearPass application installs successfully via the Jamf policy, but it fails to establish a connection with the ClearPass backend. Manual installations, however, are fully functional. The root cause has been identified as a missing or misplaced .agent.config file, which is a hidden file essential for the initial configuration and backend communication. This file is present within the ClearPass DMG but is not included in the standard PKG installer. The challenge is to devise a deployment method using Jamf that ensures both the ClearPass installer PKG and the .agent.config file are present on the client machine at the time of installation, allowing the application to connect to our backend successfully.
Hi everyone, I’m in the process of cleaning up a previous school system’s JAMF instance, which unfortunately lacked proper patch management. As a result, there are still devices running macOS Catalina and newer versions. I’m looking for advice or best practices on automating OS upgrades. While I’ll address the specifics of communication with my new manager separately, I’d really appreciate hearing from anyone who has dealt with a similar situation—particularly those without a dedicated team to handle the task. Thank you in advance!
Earn a cool badge and Jamf Nation Reward Bytes for your published articles. We’re looking forward to your submissions!
1 Question Answered
216 Questions Answered
30 Questions Answered
17 Questions Answered
15 Questions Answered
16 likes
14 likes
10 likes
8 likes
Learn about our customer advocacy program that celebrates our most passionate customers.
Join the community to receive product updates, and share feedback.
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
