I am currently setting up Jamf for 32 operating companies under one Jamf instance. Each company manages its own macs. I was told the best way to separate the companies up is to use "Sites". Each company would have its own site and their mac admin would be assigned to their respective site. Is this the best way to do this?
A few downsides to doing this.
You have to give ALL or NO access to Scripts and Packages and a few other Global Settings depending on how you are setting up access and limits. I limited it so the admins could not delete scripts/pkgs to avoid mistakes. They have to request to have one deleted.
If you need to scope something to a "Site" from the top level you have to come up with your own way of scoping, no way to scope by the site, only "All Computers". So I went with a "Fake" configuration profile for each site. Then I created a Smart Computer Group based on it. That I can then use to scope "In" or "Out" top-level stuff depending on needs.