Integrate Azure AD in Jamf Pro as an LDAP service.
With the release of Jamf Connect w/ Azure integration, Jamf provides a tool (amongst other functionality) to create local user accounts on your Macs, based on the identity of the user in Azure.
I noticed this latest Jamf Connect release triggers additional interest in integrating Azure as an LDAP server. Azure LDAP integration was on my blog to-do list for some time now, but other topics jumped ahead in my priority list. So to finally clear this from my to-do list, here is a quick post on how to add Azure as an LDAP service in Jamf Pro.
I’ll try to keep this one as short as possible. Managing Azure AD and enabling the required services (LDAPS) is a bit beyond my scope here. Allow me to assume that you already configured it for other integrations outside Jamf Pro.
Nevertheless, let’s run through the different steps at a high level, and try to highlight some important notes. After this we’ll have a look at the default mapping settings in Jamf Pro.
Jamf Doubles Down in Education, Acquiring ZuluDesk, a Leading Apple Education Technology Solution
Yes, you read that right! ZuluDesk is now part of the Jamf family!
Exciting news because, where until recently Jamf and ZuluDesk were competitors (read: more specifically in the world of Education), forces have now been combined!
At this moment, I don’t have any additional information to share outside the public press release but I’m sure this acquisition and combined forces will bring an exciting new future for the world of macOS and iOS management!
For now I just wanted to help spread this awesome news! Stay tuned for more. Exciting times ahead!
Combining DEPNotify with NoLoAD (NoMAD Login AD)
While continuing my journey in finding efficient workflows to manage Secure Tokens and FileVault on Mojave, I side-tracked to testing NoMAD Login AD in combination with DEPNotify.
I’ll come back to which workflow I’m using it for in my next post, but for now, just imagine a more general scenario where you want to create a local account based on AD credentials, while also avoiding the BIND and all its disadvantages (including potential keychain, FileVault and Secure Token issues) and using the power of DEPNotify to inform the user about what’s going on when they log in.
NoMAD Login AD is your friend here! It is similar to NoMAD Login+ Okta, where you base the account on Okta users. With NoMAD Login AD you benefit from having the local account credentials be the same as the AD account. A good start for adding Jamf Connect/NoMAD later in the deployment.