A word on LDAP integration and the Jamf Infrastructure Manager

Let’s get this this blog started with one very popular add on for Jamf Cloud: ‘JIM’, or Jamf Infrastructure Manager.

Note: while JIM can also be used for more complex on-premise Jamf Pro installations, I’ll focus this post on Jamf Cloud only. The setup for on-premise servers should however be similar, taking some network considerations into account.

Before forcing you to read my point of view on JIM, I’d like to share a link to THE video you must watch to understand all the details on how this tools works. Laurent, one of the Jamf Profesional Services Engineers, presented an awesome keynote on JIM during JNUC 2017! Have a look at the end of this post for the link.

However, while not trying to re-invent the wheel, here are my highlights on  the installation and configuration of LDAP integration in Jamf Pro.

Many companies or educational institutions use Active Directory, or another LDAP, to manage their end users. And while binding macs to AD is a complete different discussion, ‘to bind or not to bind’ will most likely be one of my future posts, LDAP integration in Jamf Pro remains a very nice thing to have.

Integrating LDAP into Jamf Pro allows you to assign devices to users, auto configure user settings based on AD attributes, authenticate users in Self Service, provision Jamf Pro accounts for admin users and enrollment purposes, etc…

See: Integrating with LDAP Directory Services

For this integration to work however, the Jamf Pro server needs to be able to query the LDAP server. For on-premise Jamf Pro installations, this is most likely going to be a straight forward exercise, as both servers are likely to be on the same internal network. But for Jamf Cloud instances, there is some additional configuration needed. Opening up the internal LDAP server to the world, is most likely not going to amuse your network security team, but still, Jamf Cloud needs acces from outside your network, through the firewall, inbound to the LDAP server. One way or the other…

Continue reading “A word on LDAP integration and the Jamf Infrastructure Manager”

Hello world

Hi!

Welcome to this blog… or at least the placeholder for what’s supposed to become a blog. You have to start somewhere, right?

As a field technician, active in the domain of managing and deploying Apple devices, I come across different challenges and requirements to make the life of the Mac sys admin easier and less time consuming.

My goal with this blog is to collect useful tips, tricks, howto’s and resources, which may be useful for other sys admins who use Jamf as their main tool.

Nothing special, nothing fancy, just some useful things!

Coming up soon!

Brgds,

TTG