We've recently moved from an on-premises server to the cloud. We are using on-premises Active Directory for LDAP services and were hoping to move To Azure AD at some point. We brought this up during the migration to the cloud and the JAMF tech who was assisting with the migration said that there was no path to upgrade from where we were with on-premises AD to where we wanted to be with Azure at that time.
Since then, I've been looking around the forums trying to get more information. In the older documentation (up to v10.29), I can see a blurb that says "To ensure your existing LDAP workflows (e.g., scoping or user accounts and groups) continue to work correctly, you will need to migrate your configuration when the migration assistant is available in a future release of Jamf Pro. Adding the Azure AD integration prior to migration may break your environment."
This warning doesn't appear in the documentation after v10.30. We're in the cloud on v10.32. Does this mean it's relatively safe to upgrade from on-premises LDAP to Azure without breaking too much?
Solved! Go to Solution.
I asked the same question of my success manager in September. We're in a similar condition.
Thanks for reaching out. Unfortunately, we do not have a migration assistant yet to move from Azure AD with Cloud Identity Providers. Please let me know if you have any further questions.
Thank you for letting me know.
Will you contact me when you do have that?
I hope your day is starting off. Since there is no notification for this, I would suggest checking the release notes. The creation of the migration assistant will be included in that documentation. Let me know if you have any additional questions about this.
So If the migration assistant is not in the release notes, don't try to migrate. My day is starting off.
Thanks to @chris_hansen and @Just_Jack for replying. It's good to know we're not alone but still doesn't explain why the warning disappears from their documentation in v10.30 onwards if it's still an issue.
I've opened a support call on the off chance that there's an answer to this but I'm not going to hold my breath.
No problem. I also thought they had removed it originally. Took a bit of scanning to notice it.
We're in the same boat and getting off our on-prem AD config is getting a bit urgent. I'd be interested to hear if anyone else has tried to migrate without the migration assistant and what exactly broke and how it was fixed.
We have migrated and the only real issue (that we haven't been able to fix), is the users assigned to machines were all done when LDAP was out auth point. We have not found an easy way to migrate those to Azure AD accounts.