Jamf Connect Verify

Deploying Jamf Connect Verify

After deploying Jamf Connect Login with Azure in one of my previous posts, it was about time to have a look at adding ‘Verify’ to the mix as well. And while there are plenty of different deployment scenarios possible, I’m going to keep this one short and simple.

Note: Just for clarity, Jamf Connect Login is used with Azure or Okta. Jamf Connect Verify is a tool used with Azure, while Jamf Connect Sync (Nomad Pro) is used with Okta.

In my discussion about deploying Jamf Connect Login, I repackaged the installer and added a post-install script for the authchanger and Notify, etc…

I could just add the Jamf Connect Verify to the prestage package, but Jamf Connect Verify can actually be used without Jamf Connect Login. So for this quick overview, I’ll just deploy Verify separately. If you are deploying Verify together with Login, just repackage it like I did in my previous post. If not, just deploy it with a Jamf Pro policy, or even a stand alone pre-stage package if you have nothing else to deploy in the prestage. For testing, you can just run the installer on your test machine, nothing special.

Continue reading “Jamf Connect Verify”

Integrate Azure LDAP in Jamf Pro

Integrate Azure AD in Jamf Pro as an LDAP service.

With the release of Jamf Connect w/ Azure integration, Jamf provides a tool (amongst other functionality) to create local user accounts on your Macs. This based on the identity of the user in Azure.

I noticed this latest Jamf Connect release triggers additional interest in integrating Azure as an LDAP server. Azure LDAP integration was on my blog to-do list for some time now, but other topics jumped ahead in my priority list. So to finally clear this from my to-do list, hereby a quick post on how to add Azure as an LDAP service in Jamf Pro.

I’ll try to keep this one as short as possible. Managing Azure AD and enabling the required services (LDAPs) is a bit beyond my scope here. Allow me to assume that you already configured it for other integrations outside Jamf Pro.

Nevertheless, let’s run through the different steps on a high level overview, and try to highlight some important notes. After this we’ll have a look at the default mapping settings in Jamf Pro.

Continue reading “Integrate Azure LDAP in Jamf Pro”

Jamf, Nomad, Jamf Connect… just WOW ! What a surprise !

Wow, what a surprise indeed! That moment you are in the middle of mentioning the capabilities of Nomad to the sys admin you are on-boarding in Jamf Pro… the news of the year rolls in…!

Nomad is Jamf… wait, what? Can’t be?!… Time for a small break in the on-boarding session to figure out what just happened!

Yes, there is was, the email from Dean (Jamf CEO), followed by a lot of excitement in the internal chats, emails and other channels. Indeed, Nomad is Jamf and there is Jamf Connect now… just WOW!

But why all the fuzz? What’s Nomad anyway? Why is this such a big news?

Continue reading “Jamf, Nomad, Jamf Connect… just WOW ! What a surprise !”

Default LDAP mapping for Active Directory in Jamf

In today’s post I’d like to go through adding LDAP integration to Jamf Pro, with Microsoft Active Directory as Directory server, and more specific: share the default settings in case you have to configure the LDAP integration manually. So no magic in this post, just sharing the default workflow and AD mappings which might come in handy. I’ll share some other Directory Service mappings soon, such as freeIPA, OD,…

Before we start diving into the settings, just remember that, if you are a Jamf Cloud customer, you will first need to grant Jamf Cloud access to your AD server. Either by Whitelisting the IP adresses of Jamf Cloud, or by installing a Jamf Infrastructure Manager or ‘JIM’ in your DMZ. See my post on ‘JIM’: )

Once this is done, you can go into the settings of Jamf Pro and configure the LDAP connection using the wizard. Jamf Pro will automatically try to fetch the Directory settings and mappings.

Continue reading “Default LDAP mapping for Active Directory in Jamf”

Use the Force with Active Directory!

Apart from bigger posts on heavier topics, I also want to use this channel to quickly share some handy tips and tricks, or cool little tools which I like to use. Like this one…

Many of us have some kind of homelab for testing purposes right? Or even an entire company testing environment.

So, most likely you have an Active Directory sitting somewhere, which you use to test all kind of AD related stuff. Such as, integrating LDAP into Jamf Pro, binding Macs to AD (yeah, I know, to bind or not to bind… I’ll have to tackle that discussion soon) or any other AD related functionality.

So yes, I also configured some test servers in the past. Installed Active Directory, created some virtual users and groups,… ending up with the most boring names ever… I’m not going to list any of them, in order not to offend anyone of you (especially colleagues, friends and family) who, by coincidence, might have the same name as my test users and to avoid any discussion on why some were domain admins, and others just normal users in this virtual environment 🙂

However, this all changed when I came across this awesome little gem: Active Directory Star Wars PowerShell Module

Continue reading “Use the Force with Active Directory!”