Posted on 01-16-2018 04:15 AM
We've just completed the initial training of JAMF Cloud and while the strictly MDM based part looks amazing it seems to me that the user creation and device assignment part leaves a little to be desired, in particular if you can't connect to LDAP (which we can't as we're a school and our connection to the interweb is provided by the county council and they won't allow us!).
So with no LDAP available, Apple School Manager setup, configured, syncing with our MIS (SIS) in US with thanks to Salamandar Soft in the UK. What's the best practice answer to importing users into JAMF so we can assign devices to them?
It looks to me like importing via CSV file the users with email addresses and then using the MUT to update anything else is one solution? The other is to do a blank search for users in JAMF, press Import and import the users from Apple School Manager Sync data?
Apart from that question, it looks like The MUT can't then assign a serial number to a user? Is that even needed?
Thanks
Paul
Posted on 01-16-2018 06:08 AM
Hey Paul,
With your Jamf Pro server, when importing users through ASM, we like to stress the importance of the matching criteria. This is how the import knows if there are existing users in Jamf Pro that need to be matched with users being imported through ASM instead of creating duplicate users. For instance, one matching criteria I like to use is: Managed Apple ID contains Username (Jamf Pro). If I have an existing Jamf Pro user of pauljmiddleton and I kept that same naming convention with the MAID, this would read out as:
pauljmiddleton@appleid.school.com contains pauljmiddleton
If your matching criteria is solid and the naming convention is kept the same throughout, the order of operations with how the users are imported would not matter. You can import your ASM users first and then have users enroll their devices via LDAP and their LDAP users would match in the background to the ASM users. Or, you could enroll via LDAP and have those users in Jamf Pro and then import your ASM users and go through the matching.
If the matching criteria can't be set to something that works, you would need to have your LDAP users in Jamf Pro first and then we'd have to find a way to match ASM users to those existing users in Jamf Pro.
Matt