Intune Vs jamf for Mac MDM

user-nPcufuFijE
New Contributor

I am currently in the process of convincing my Boss to make the Integration to jamf with our current Intune infrastructure.
If you kindly answer the following questions, I can make a good argument to my director.

  • As of 2021, what are intunes limitations regarding mac device management?
  • What can jamf improve in mac MDM that Intune is lacking?
  • What are the benefits of integrating jamf with intune for mac MDM than using intune alone?
3 REPLIES 3

macsysadminjamf
New Contributor III

As far as I could tell, macOS management on Intune itself was one field to upload a script or run a command. I don't think it has any of the reporting, management, UI, desktop tools or support that Jamf does.

user-gEqUwhpRwM
New Contributor

Intune has added a lot of features in the last couple of years and I find it difficult to say that Intune lacks some of the things that Jamf does. I will say that the ease of use for Jamf is better. There are some granular things in Jamf that Intune cannot do at this moment, like the order that apps are deployed, or app dependencies. Intune is not capable of selecting which apps to deploy first. Another thing that can be said is that Intune does not have a prestaging capability like Jamf. There are sets of configurations readily available in Jamf that Intune does not have like the user account creations. For Intune, you must push down a .mobileconfig to create or change local user accounts, whereas Jamf has a setting built in to get this done. Intune has the capability to push down .mobileconfig, .plist and bash scripts, so you can really do almost anything through Intune, but you would have to know how to do it. Jamf makes this easier with a large knowledgebase of forums and pre-made scripts or configurations ready to use.

gda
Contributor

Intune seems to be very slow when it comes to dynamic group calculations, which is done in Azure AD I think.
Dynamic groups are also limited to the few things Azure AD knows about the device: Rules for devices

Things, like extension attributes or scripts, are pushed through MDM to the devices. Don't know if you see the output for the scripts.

3rd party packages needs to be converted to a propriety Intune format before it can be pushed through MDM to the Mac
For DMG & Apps: https://techcommunity.microsoft.com/t5/intune-customer-success/how-to-deploy-dmg-or-app-format-apps-...
For PKG: https://docs.microsoft.com/en-us/mem/intune/apps/lob-apps-macos