![]() If your organization uses Jamf Pro to manage macOS devices, you can use Microsoft Intune compliance policies with Azure Active Directory conditional access to ensure that devices in your organization are compliant before accessing company resources. They will advise whether a case needs to be opened with Microsoft. NOTE If you encounter issues with the integration of Jamf and Intune, please open a ticket with Jamf first. Support Engineer Lucas Lenard (Support Engineer I and Geoff Root (Test Engineer I who worked closely with Shonda to get this article created. Shonda already published detailed steps on getting Jamf integration configured here, and today she follows that up with an article on how to troubleshoot integration if you encounter any issues. But it should be possible to change this URL back after the test.Hi everyone, today we have another post from Intune Support Engineer and resident Jamf expert Shonda Hodge. ![]() Of course we need to change the home page and reply URL in Intune, before we can test some registration from devices on the new server. There are not many information available, what will broke an already registered device, if nothing will be changed on the device itself (same device id, same user id, same tenant id, same conditional access rules still compliant.just a new JSS server and so a new MDM profile with an different management URL). But both should not change, if the device will be re-enrolled to a new server, right? So it should be possible to connect two different JSS to the same Azure tenant? Even if they have different URL.Īnd what happens to the already registered Mac devices from the old server? Does a new connector affect the state of these registrations? On the Azure AD / Intune portal device list I only see an Azure Computer device ID and an Azure User device ID. So only JSS will send the device inventory data to Intune and that's it? So, what is the technical meaning of this URL? Is it only used during the device registration (as the company portal app will be started from Self service and redirects to the Jamf pro server)? As far as I know, Intune will not directly access our JSS (it's even not possible with our current internal server). ![]() There's only one issue: the home page and reply URL, which is configured in Intune and links to our internal server at the moment. Is it possible to configure TWO Jamf pro server (at the moment with different databases) to the same Intune Application ID?Īs long as we have the valid tenant name, application id and application key, I don't see why this should not be possible. As we have no test server, we would like to run these both servers simultaneously as long as the new server is not ready for production. Our new server will now be installed and configured, so we want to do some tests (including Intune integration). So the management URL will change to a public URL. Now we want to replace this Jamf pro server with a new Jamf pro server which is accessible from the internet too. About half of these devices are already registered in Intune and conditional access is working. This Jamf pro server is our productive system and contains about 800 enrolled Mac devices. We already have a working configuration with an INTERNAL Jamf pro server and Intune Integration. I have some general questions about the Intune Integration and maybe somebody has more know-how about this. A video will be available of the demo that Dean Hager gave at the Ignite Session as well. We will have more details for you in October at our Jamf Nation User Conference. We will be providing more resources as they become available. The user is brought into Jamf Self Service to fix the compliance issue. ![]() We also provide an easy interface for remediation. Intune will evaluate the compliance and prevent the user from accessing email until the password is fixed. For example, let’s say our user is trying to access email, but the password is not strong enough. This allows you to protect your data by ensuring that 1) your user has proper authorization and authentication and 2) the device the user is on meets your compliance requirements. Second, we can now provide Conditional Access for Jamf managed Mac devices that are trying to access applications set up with Azure AD authentication. This will be great for reporting, and is similar to our existing SCCM plug-in that shares inventory with SCCM. You can drill into that macOS inventory record and see the status of that device. There are two big takeaways from this collaboration.įirst, you will now be able to share your Jamf Pro macOS inventory with Intune for a centralized view of devices. We're excited to announce our new collaboration with Microsoft EMS. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |