Let’s get this this blog started with one very popular add on for Jamf Cloud: ‘JIM’, or Jamf Infrastructure Manager.
Note: while JIM can also be used for more complex on-premise Jamf Pro installations, I’ll focus this post on Jamf Cloud only. The setup for on-premise servers should however be similar, taking some network considerations into account.
Before forcing you to read my point of view on JIM, I’d like to share a link to THE video you must watch to understand all the details on how this tools works. Laurent, one of the Jamf Profesional Services Engineers, presented an awesome keynote on JIM during JNUC 2017! Have a look at the end of this post for the link.
However, while not trying to re-invent the wheel, here are my highlights on the installation and configuration of LDAP integration in Jamf Pro.
Many companies or educational institutions use Active Directory, or another LDAP, to manage their end users. And while binding macs to AD is a complete different discussion, ‘to bind or not to bind’ will most likely be one of my future posts, LDAP integration in Jamf Pro remains a very nice thing to have.
Integrating LDAP into Jamf Pro allows you to assign devices to users, auto configure user settings based on AD attributes, authenticate users in Self Service, provision Jamf Pro accounts for admin users and enrollment purposes, etc…
For this integration to work however, the Jamf Pro server needs to be able to query the LDAP server. For on-premise Jamf Pro installations, this is most likely going to be a straight forward exercise, as both servers are likely to be on the same internal network. But for Jamf Cloud instances, there is some additional configuration needed. Opening up the internal LDAP server to the world, is most likely not going to amuse your network security team, but still, Jamf Cloud needs acces from outside your network, through the firewall, inbound to the LDAP server. One way or the other…