I was looking into ways to get our help desk limited access to JAMF for some read-only or low impact actions - like finding a FileVault 2 Recovery Key or unlocking a locked local user account.
What do you allow your 1st level techs access to in JAMF and how is it working out?
If they are helpdesk I am assuming they only need rights to conduct remote support right?
I will suggest you go to system settings - JamF Pro Users and Groups set their privilege to "JamF Remote" only you need them to have any other access within your org.
Best of Luck!
We are not using ARD, but the JAMF Remote to try to remote into Macs. They try to make a connection but fail. It has been over a month since I last tried, but I was trying to connect to a test Mac on the next desk - both on wifi. I think it either got stuck on trying to open the SSH connection, or could not see the machine at all.
I like ARD a lot. Maybe we should get it.
Do you all have Remote Management and Remote Login turned on on those Macs in your environment?
If not, check your settings in System Pref - Sharing and ensure those settings are set with the correct parameters which will allow access for all internal ARD connectivity functionalities.
We actually have quite a few issues with JAMF Remote also. Your DNS settings have to be correct for JAMF Remote to work. We use AnyConnect as a VPN client and our team that owns that does not have any function set to change the Macs default DNS server when on the VPN. So any device on our VPN cannot be accessed with JAMF Remote as JAMF Remote is reading the DNS tables and seeing the 192.168.x.x IP that the Mac is reporting, but not the corp 10.x.x.x IP the Mac is using as the DNS settings are not right. Obviously since the 192.186 IP address is not on our network the communication never makes it to the Mac.