|
Hi macOS thread, short time follower, first time poster. I work in tertiary education as an analyst, and not across software deployment in OSX from jamf MDM enough. Our engineers are making the argument that our jamf MDM should use configuration profiles to present software details and setup information. In our example, a configuration profile presents a software's serial number in plain text in System Prefs > Profiles. I don't think this is a good way to do this, but they reckon that this is how Apple are pushing for software to be deployed and who knows when the fill user template process they've been using in the past will break. The vendor is no help, having come back with them not having a mac deployment guide so we can go hog wild however we like. I am then extra confounded because this profile needs to be pre-loaded on all our devices, rather than tied to a software profile install process because configuration profiles can have a significant delay before being deployed in our engineers experience. A brief google sends me to https://developer.apple.com/documentation/devicemanagement/using_configuration_profiles which has in big yellow text "Important. Configuration profiles are for enterprise use only. With the exceptions of the APN, VPN, and WiFi profiles, do not use configuration profiles with consumer apps." which I believe supports a position of 'hey don't use config profiles to deploy software'. Am I just that much in the dark and this is what happens broadly in jamf/OSX land? blindidiotgod fucked around with this message at 04:24 on Oct 29, 2019 |
#
¿
Oct 29, 2019 04:15
|
|
|
|
| # ¿ Apr 19, 2024 16:45 |
|
|
Jose Oquendo posted:I'm still half asleep right now, but nitsuga is right. I wouldn't use configuration profiles for software deployment. Cheers for you and nitsuga, the problem's not with the packaging/installation but more the philosophy behind it. I was  about putting software keys in plain text and blasting it across our environments in case someone ever installed it.A frank exchange of ideas later, we do find out that running a jamf policy also instantly sticks down a configuration and i'm voted down from a position of no software keys in configuration policies. Now to figure out a way of stopping personal appleIDs from remote locking MDM devices! Any knowledge about federating apple IDs in here?
|
|
#
¿
Nov 6, 2019 00:56
|
|
|
My job requires a whole bunch of software, hardware and services testing. To use many features I'm going to need 2fa, but I 1) don't have an iphone 2) constantly rebuild and apple devices. Am I just stuck without 2fa?
|
|
#
¿
Mar 12, 2020 02:20
|
|
|
Pivo posted:I assumed they meant Apple's 2FA which uses Apple ID linked Apple devices. It's well known that other apps can generate tokens in general. That's correct - so no real way around apart from getting one device to be the 2fa holder?
|
|
#
¿
Mar 12, 2020 07:54
|
|
|
Has Azure AD user accounts on macs been solved yet? Anyone in thread have any experience on it? Jamf Connect is looking like a strong contender, and *seems* to do it, but I have had no experience with it, and I can't find any blogs on it. Federating AppleIDs seems like it's part of the puzzle too? As a way of curtailing the Find My tools from being used after off-boarding.
|
|
#
¿
May 19, 2020 06:25
|
|
|
|
| # ¿ Apr 19, 2024 16:45 |
|
|
Toast Museum posted:Jamf Connect is formerly NoMAD, so you might find more discussion under that name, if that hasn't been part of your search. Oh yeah, totally aware of NoMAD. we've been tinkering with it a bit but engineer excitement is not the same as widespread academic takeup. Jamf Connect does seem to do the thing while NoMAD was a bandaid of trying to make OSX act like a enterprise system, without giving up to enterprise controls. We're at the point of not caring and trying to create a managed environment OSX and a big first step is making OSX play with AzureAD user accounts.
|
|
#
¿
May 20, 2020 01:00
|
|