![]() ![]() It is strongly suggested that institutional directory access be granted via a special, read only, service-user account with permissions engineered and used for this purpose only.Ĥ) Each site owner must ensure that institutional firewall access is granted on the required ports for directory ldaps access (typically 636 or custom ports) and client access over the standard HTTPS port (443) to the hosted JSS. NOTE: Accounts can not be created on the central JSS for institutional individuals or groups. JAMF Pro is designed for machine management, however features like User Self-Service are also availabe but requires access to a broader institutional user information than a simple group of machine administrators. Only READ ONLY access to the User Name (typically uid or sAMAccountName), User ID (uidNumber) and Group Membership (memberOF) attributes of the User record and the Group name (cn) and Group Id (gid or uSNCreated, this is a number) attributes of the Groups record is required unless the directory uses a different configuration (most commonly this would be acess to the Member attribute of the Group record instead of User>MemberOf). directory uses self-signed certificates) special arrangements will have to be made with JAMF support to get the correct certificate chains added to the hosting server. NOTE: If the secure ldap connection requires a non-standard certificate (i.e. Note that all packages are shared and evey group is responsible for license compliance with each vendor for the packages used at that group’s institution.ģ) Each Site owner must provide secure (ldaps) access to a supported directory (AD or ldaps) containing a group of people that are the administrators of their JAMF Pro Site. UNC Institutions should contact their CPI representative for costing and purchasing detailsĢ) Each Insititutional group will have their own JAMF Pro Site for secure federated management. What is required to use the UNC Wide JAMF Pro Service?Ġ) An authorized agent of the institution must sign and comply with the UNC Wide JAMF Pro Memorandum of Understanding for security and compliance purposes.ġ) Insititutional groups must purchase at least 10 licenses for either OS X or iOS devices (or 10 OSX and 10 iOS if both are required) to have their own JAMF Pro Site. ![]() What is the requirement for access to a campus directory (AD or LDAP)?Īre there firewall requirments to use the UNC Wide JAMF Pro Service?ĭoes the UNC Wide JAMF Pro Service have Apple GSX access for automated lookup of Apple Devices?Ĭan JAMF Software’s SCCM Plug-In be used with the UNC Wide JAMF Pro Service?Īre NetBoot or Software Update Servers Provided with the UNC Wide JAMF Pro Service? What is required to use the UNC Wide JAMF Pro Service? The service makes use of the Jamf Cloud Distribution Service (JCDS) which is hosted by JAMF Software to distribute installer packages. The UNC Wide JAMF Pro Service is a deployment of the UNC System Agreement – JAMF Software’s JAMF Pro license that uses a shared JPS server hosted by JAMF Software at nc. to provide secure, federated, enterprise management of Apple devices across participating UNC System Institutions.
0 Comments
Leave a Reply. |