- Jamf Nation Community
- Products
- Jamf Pro
- Re: What features are missing if Mac is not added ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-29-2022 09:40 AM
Hello. From my understanding after reading through many posts on here, it is possible to enroll a Mac running Monterrey or higher OS into Jamf and not ABM, is that correct? If so, I assume that you would need to send out user initiated enrollments via email? Now, my real question is - by enrolling in Jamf and NOT in ABM, what features/control would I be missing? I am more than happy to explain more in detail the scenario, etc if need be. Thanks.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-29-2022 10:01 AM
You are actually missing quite a lot. ABM is needed for automated device enrollment. Automated Device enrollment is needed to prevent the removal of the MDM Configuration Profile that forces management on the Mac. Beyond that there are differences between management (Enrollment and user initiating enrollment) and supervised (enrolled using Automated Device Enrollment). You are also limited on the MDM commands you can use, such as wiping devices or issuing software updates to name two examples.
As a MDM Admin you would never want to managed an enterprise owned device that is not in Apple Business Manager.
Reply
5 REPLIES 5
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-29-2022 10:01 AM
You are actually missing quite a lot. ABM is needed for automated device enrollment. Automated Device enrollment is needed to prevent the removal of the MDM Configuration Profile that forces management on the Mac. Beyond that there are differences between management (Enrollment and user initiating enrollment) and supervised (enrolled using Automated Device Enrollment). You are also limited on the MDM commands you can use, such as wiping devices or issuing software updates to name two examples.
As a MDM Admin you would never want to managed an enterprise owned device that is not in Apple Business Manager.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-29-2022 10:07 AM
Thank you for this info. So, to fully understand this, I can explain the scenario a little bit, which is probably not unlike situations that you all have been in. We acquired a company whose user base has some macs. We want to manage those Macs in Jamf. If we physically have the machine, we can use Apple Configurator to get them in to ABM and then, once in ABM, assigned the MDM server and manage in Jamf that way. The issue is that we may not be able to get the Macs physically, so my plan was to send out user initiated enrollment emails to the users and get them into Jamf that way. But from what you are saying, the cons far outweigh the pros of going that route? Thanks again for the info, I appreciate it.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-29-2022 10:22 AM
I am assuming the origination you acquired was not managing the Macs. Generally speaking the Apple way is to reprovision the devices to add them to Device Management. If you manually enroll an existing device you will be very limited in what you can do. As I mentioned above, you cannot even issue software updates. You also cant deliver AppStore Apps without ABM.
I think it may be a good idea for you to reach out to Apple as your employer need a proper consultation. Either way it works you will want to start the process of getting ABM setup, its free so there is really nothing to lose. https://nova.apple.com/business/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-29-2022 10:26 AM
Correct, the organization was not. Our company already has ABM set up and we managed over a hundred Macs using Jamf. However, we always purchase from an authorized reseller and get them enrolled in DEP at that time. Thanks again
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-29-2022 10:37 AM
Unfortunately really the only option is to reprovision the devices to add them to your ABM instance. If the other org already had an ABM instance you could migrate them. Your Apple Rep should be able to provide guidance.
Knowing how corporate mergers work and how much money is tossed around, you may be able to have new Macs added to the budget and just replace the devices. In my org we have a standard that Mac users get new devices in a merger. I have neglected to mention you can add an existing device to ABM with Monterey and ABM is a requirement for our environment.
