Jamf Nation Community

fukimo · ‎03-31-2023

Hi there,

I'm looking for some assistance please in coming up with a solution to sharing organisation contacts to 100+ iPhones as read-only.

In our current setup we're hosting the contacts on a Google account and have configured the Contacts payload in JAMF with the Google CardDav server which works great, however is NOT read-only, meaning end users are able to add/modify/remove these shared contacts which we do not want...

I've faffed around with different solutions such as CoContacts, however am yet to come up with a solution that works. Any assistance is greatly appreciated!!

P.s we have no allegiance to Google contacts and are only using it as a temporary stop-gap, but happy to switch to another platform if it will allow for read-only contact sharing that can be deployed via JAMF.

Thanks again.

Lessardrp · ‎08-31-2023

I need to come up with a similar solution. We are using Yahoo as a host. Would the editing settings be on the Jamf side or the Carddav server side? Any advice appreciated.

tholder · 10 hours ago

We have recently improved the way Contactzilla handles read-only CardDAV sync. We are also working on support for Jamf. You can read more here https://contactzilla.com/read-only-carddav-synchronization-update/

Lessardrp · 8 hours ago

Thanks for the update. So, just for clarification, the method of distribution is the same but the contact list is read only? Or is the method of distribution different as well (ie Contactzilla hosts a carddav server). If you host your own distribution server, are there ways to delegate administration of individual contact lists? I have ZERO desire to manage contact lists. I just want to set up the distribution of them and not let people change them, unless it's a person who centrally manages the list.

tholder · 7 hours ago

Thanks, all good questions. Yes Contactzilla is a carddav server. Address books are the syncable servers and it's possible to have 1 or many of these per team. You could have 1 person with access to each address book or you could have 1 address book with 100 people having access to it. Each user that has access can either have read/write access or they can have read-only. Our recent update means that read-only users essentially have an always up-to-date list of the address book on their device. We also augment this slightly by adding a lock emoji to indicate it's read only if you want it.

We have opened up discussion with jamf to look at building support in v2 which will be shipping towards the end of the year.

Lessardrp · 6 hours ago

So we have fire, police, parks, public works etc. Several phones are assigned to crews. Multiple people use the phone and it gets handed down from shift to shift. No one ever logs into these phones. We want read only contact lists that end users use but management updates through a web portal.

For example, the fire ops folks may have a shared contact list. The medics may have one unique to them. Water crew, sewer crew, street crew etc etc.

Right now, I push a list to a smart group of phones through Jamf. How would that differ with your solution? How does the device know what lists it gets? Is that controlled by the MDM or your server?

From a licensing standpoint, I see reference to "Team members". How does that translate to what I am describing?

Thanks in advance,

Rob

tholder · 5 hours ago

So a list would be an address book. If you need 4 lists you would create 4 address books. It sounds like phones are not dedicated to people but more areas of operation. That's fine, you would just create a user in the system for the device and by the sound of it, designate it as read-only. Once it's setup in the phone to connect a given address book it won't require you to login again. Team members are typically people but in your instance, which is a bit unusual because of shared phones, it is essentially each device that connects - if pricing becomes prohibitively expensive on this basis though drop me a line tom [at] domain . You can then have a management user like you say that has access to all the address books and can edit contacts accordingly.

Lessardrp · 5 hours ago

Devices each being a member may not be needed depending on whether you restrict how many devices a member can be using. For example, there may be 15 fire crews that all share the same read only contact list that spans the whole fire department. If it's allowed to have a "FireCrews" user that is assigned to 15 different phones all sharing one contact list, that would be one user. But as I said, that's dependent on your license agreement.

tholder · 5 hours ago

This is an issue with our current licensing model and it does hit us where it hurts.... in the $$! That being said, we'd much rather have you on board as a client than not and this isn't an excessive overuse of the system. We will be limiting it in the future to probably 3 device connections per account but that's kinda up in the air tbh at the moment.

Jamf Nation Community

Read-Only Contact Sharing via CardDav/Contact Payload