Jamf Pro and Google Secure LDAP

Integrate Jamf Pro with Google Cloud Identity Secure LDAP

UPDATE 18th of December: got it to work JamfCloud! See bottom of post.

Earlier this year Jamf announced support for the new Google Secure LDAP service. As I was too pre-occupied with macOS Mojave & Secure Tokens, I didn’t have the change to test it until now. 

But to break away from testing token related deployments, I decided to have a look at this new LDAP integration today.

Before I continue, I just want to highlight one important detail regarding the pre-reqs to integrate this feature in Jamf Pro.

If you look at the configuration guide for Google Secure LDAP, you'll see that it requires 'Certificate based Authentication'. Important to know, because the LDAP integration in Jamf Pro currently does not allow us to do so.

This means that, in case you do want to integrate Google Secure LDAP into Jamf Pro, whether you are hosting your own Jamf Pro server or using JamfCloud, you will need an additional proxy server. More about that below.

That said, let’s have a quick look at how to do things.

Continue reading “Jamf Pro and Google Secure LDAP”

Get that “free lunch” with ‘Let’s Encrypt’

When deploying a server into production, you’ll most likely need to secure it with a SSL certificate, but even when installing some test servers, adding some encryption is always a good idea as well.

Depending the purpose of the server, and the environment it will be running in, a self-signed certificate may or may not be sufficient. But even if it is sufficient for the intended use of the server (only for internal services or resources for instance), having a nicely signed and trusted certificate makes everything a lot easier, even on a test server. At least it’s a good practice to avoid having your users develop a bad habit of trusting servers with self-signed certificates in general.

Continue reading “Get that “free lunch” with ‘Let’s Encrypt’”