Integrate Jamf Pro with Google Cloud Identity Secure LDAP
UPDATE 18th of December: got it to work with JamfCloud! See bottom of post.
Earlier this year Jamf announced support for the new Google Secure LDAP service. As I was too pre-occupied with macOS Mojave & Secure Tokens, I didn’t have the chance to test it until now.
But to break away from testing token related deployments, I decided to have a look at this new LDAP integration today.
Before I continue, I just want to highlight one important detail regarding the pre-reqs to integrate this feature in Jamf Pro.
If you look at the configuration guide for Google Secure LDAP, you'll see that it requires 'Certificate based Authentication'. This is important to know, because the LDAP integration in Jamf Pro currently does not allow us to do so.
This means that, in case you do want to integrate Google Secure LDAP into Jamf Pro, whether you are hosting your own Jamf Pro server or using JamfCloud, you will need an additional proxy server. More about that below.
That said, let’s have a quick look at how to do things.
Combining DEPNotify with NoLoAD (NoMAD Login AD)
While continuing my journey in finding efficient workflows to manage Secure Tokens and FileVault on Mojave, I side-tracked to testing NoMAD Login AD in combination with DEPNotify.
I’ll come back to which workflow I’m using it for in my next post, but for now, just imagine a more general scenario where you want to create a local account based on AD credentials, while avoiding the BIND and all its disadvantages (including potential keychain, FileVault and Secure Token issues) and using the power of DEPNotify to inform the user about what’s going on when they log in.
NoMAD Login AD is your friend here! It is similar to NoMAD Login+ Okta, where you base the account on Okta users. With NoMAD Login AD, you benefit from the local account credentials being the same as those of the AD account. A good start for adding Jamf Connect/NoMAD later in the deployment.