We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.
We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.
Real talk, real tools and real-time support from people who get it.
Get answers from fellow admins
Find your way around
Share your thoughts
Submit your idea
Hi everyone, I’m currently exploring the possibility of deploying Jamf Connect in our organisation. I have setup the SSO in Jamf Account to point to our EntraID tenant and it’s working fine to login users in both Jamf Account and Jamf Pro Cloud. All the documentation seems to suggest that I need to configure another app in Entra ID to allow Jamf Connect to authenticate users but since Jamf has introduced the Jamf Account OIDC SSO to try and harmonise things, I’m wondering if I can just point Jamf Connect at that rather than creating a new app. Can this be done or am I misunderstanding how the OIDC SSO connection works in Jamf Account? Thanks, Kieran
I’ve got a weird issue with MS Defender Configuration Profiles applying/Un-applying intermittently. As part of our enrollment process we install MS Defender and apply Configuration Profiles. This has been working fine for close to 12months. Now for some reason even though the Configuration Profiles are still applying (You can see them in Device Management). The configuration doesn’t always apply even when it does apply the settings can stop taking affect shortly afterwards. Device Management still has the Configuration Policies applied. I’ve tried downloading fresh configurations, onboarding etc. from Microsoft with exactly the same result. Has anyone else seen this?
As we all focus on building strong digital marketing strategies—SEO, content, user experience—one area I’m revisiting is internal linking.
La Maison Carpentry delivers custom interiors and expert renovations in Singapore. Build your dream home today using our premium materials and craftsmanship.
When adding apps to Self Service (or even Self Service+) via Mac Apps, the applications descriptions are in German. I’ve ensured that English is set to the preferred language and enabled location service. This is being run on a test VM but I can’t for the life of me figure out why this would be the case?
Hello All, can you someone guide me how to set different images for login screen and desktop wallpaper. i fine to create 2 different policies in Jamf. Thanks, Santosh
HI Jamf Nation, I was wondering if there is already a Jamf Group dedicated to Mac admins in the LATAM region. I might have missed it, or perhaps it hasn’t been created yet. If it doesn’t exist, I’d love to explore how I could start one to help foster conversations and collaboration among admins based outside the US and APAC. Thanks again for all your support, and best of luck with the new Jamf Nation experience.
Hey folks—big thanks to everyone who came to July’s LaunchPad! Tony Young (Akima) broke down the key stuff from WWDC25 that actually matters for Jamf admins. If you missed it, you can still catch the replay here: 📺 YouTube: https://youtu.be/Uhcjohq_6gc 🍎 Podcast: https://podcasts.apple.com/us/podcast/wwdc-25-recap-for-jamf-admins/id1668513047?i=1000717011903 🔗 More info: https://rkmn.tech/j-launchpad-resources
We wanted to share a few updates about new features in Jamf Account that improve SSO management and troubleshooting, as well as new documentation resources for enabling OIDC authentication for platform services. A new Jamf Account Release History section in our Learning Hub details several improvements: A new "Authorize URL" button for Google Workspace OIDC connections, enabling consistent group support across organization types Login History tab under Profile, allowing you to view authentication history and ID tokens when using an IdP Enhanced error handling with unique reference UUIDs for failed SSO attempts To help customers migrate to OIDC, we've published a SAML to OIDC Migration Guide that walks through adopting OIDC-based workflows. The Understanding SSO Authentication Methods guide helps address common questions about IdP choices, OIDC benefits, and authentication options. It includes visual breakdowns of both SAML-based and OIDC-based authentication methods to demonstrate how
We recently migrated to Jamf Cloud and using Azure AD as our Cloud Identity Provider and Single Sign-On solution. It works well enough, but we have a weird situation. We're sticking pretty close to Microsoft's documentation on it, which can be found here. By default, the iDP maps userPrincipalName as the username. That's a full email address in our environment, so we want to use onPremisesSamAccountName instead. That works fine in the iDP in both testing and looking up users/accounts. We also need user authentication during the initial device enrollment via DEP. We've gotten that added in by adding an Enrollment Customization that is just the SSO. Here's where it gets dumb. If we now enroll a machine while the User Name mapping is set to onPremisesSamAccountName, the SSO during enrollment registers the device to just the userPrincipalName with no other user data. The Pre-Fill Primary Account Information only puts in the userPrincipalName as the User Name, and the user is able to modify
Question for how/if we have controls to deploy a specific app version to iPads. We have a couple applications we use and work closely with the developer and schedule when we make the update available on our EFB iPads. We use the check boxes ‘Schedule Jamf Pro to automatically check the App Store for app updates’ and ‘Force App Update’ to accomplish this. Today is the first time we noticed a different version was installed than what Jamf Pro is reporting as available. This is what is showing under Mobile Device Apps. Does it always install the newest version of what’s available in the Apple store via Self Service regardless of what Jamf Pro is reporting? When looking at the Inventory for the iPad we see that 10.5.1 was installed.
CIS 1 Allow Touch ID to unlock your mac what needs to be deactivated? Hi Hope you can help, how do we allow users to use Touch ID rather than the full password each time sleep is activated. What needs to be unticked in the list of Managed Rules in compliance? Thanks
Hi, I recently set up a new Windows Distribution Point and am now trying to connect to it via the Jamf Sync App, but cannot get a connection. I see the DP in jamf sync, but it only asks for a password, not for a username. No matter what password I use I always get the error Message “Failed to load the … distribution point: cannotGetFileList” Unfortunately the new jamf support is pretty useless as there is not more option for me to communicate in english. All communication is automatically translated to german, but the translation is not that good so I often dont quite get what the supporter wants to tell me. Just english would be much better for me.
Hi all, I try to create a user level configuration profile for ethernet (for 802.1x LAN authentication).So basically, the same we already use for WiFi. We currently use a computer lvl profile, which works without issues. But have to change it to user lvl because of the strong auth change Microsoft enforces soon. The settings should work but as soon as I click on save, the network payload vanishes. Without an error or any explanation… As said before, the WiFi profile (also user lvl) works like a charm. Any tips on why this might happen? BR Thomas
Earn a cool badge and Jamf Nation Reward Bytes for your published articles. We’re looking forward to your submissions!
216 Questions Answered
30 Questions Answered
17 Questions Answered
15 Questions Answered
18 likes
15 likes
14 likes
13 likes
9 likes
Learn about our customer advocacy program that celebrates our most passionate customers.
Join the community to receive product updates, and share feedback.
Already have an account? Login
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.
Sorry, our virus scanner detected that this file isn't safe to download.
