The following ports and endpoints must be accessible for Jamf and Intune to integrate correctly:Īpple: Ports 2195, 2196, and 5223 (push notifications to Intune)įor APNS to function correctly on the network, you must enable outgoing connections to, and redirects from the following ports: macOS devices with OS X 10.12 Yosemite or later.A Jamf Pro user account with Conditional Access privileges.Be sure to configure the Cloud Connector within 24 hours of removing your manual integration to ensure your registered devices can continue to report their status.įor more information about the Jamf Cloud Connector, see Configuring the macOS Intune Integration using the Cloud Connector on.Devices that are already registered can use the Cloud Connector without further configuration. You won't need to re-register devices.Then you can use the procedure to configure the Cloud Connector. Use the procedure to remove your current configuration, which includes deleting the Enterprise apps for Jamf Pro and disabling the manual integration.If you plan to replace your previous integration with the Jamf Cloud Connector: Both the removal of an existing integration and setup of the Cloud Connector are described in this article. For tenants that already have a manual configuration, you can choose to remove that integration, and then set up the Cloud Connector.Or you can manually configure integration as described in Integrate Jamf Pro with Intune for compliance For new tenants that don't yet integrate with Jamf, you can choose to configure the Cloud Connector as described in this article.When you use a manually configured connection, only a single instance of Jamf can integrate with an Azure tenant. You can integrate multiple instances of Jamf Pro with the same Azure tenant that hosts your Intune subscription.Ĭonnecting multiple instances of Jamf Pro with a single Azure tenant is supported only when you use the Cloud Connector.Set up automatically creates the Jamf Pro applications in Azure, replacing the need to manually configure them.We recommend use of the Jamf Cloud Connector as it automates many of the steps that are required when you manually configure integration as documented in Integrate Jamf Pro with Intune for compliance. Resource access is controlled by your Azure Active Directory (Azure AD) Conditional Access policies in the same way as for devices managed through Intune. Through integration, you can require that your macOS devices that are managed by Jamf Pro meet your Intune device compliance requirements before those devices are allowed to access your organization's resources. Pretty cool if you ask me □.This article can help you install the Jamf Cloud Connector to integrate Jamf Pro with Microsoft Intune. Next you will need to deploy Company Portal to devices using Jamf and setup compliance policies for macs managed by Jamf.ĭevices that are managed by Jamf will now start showing up in MEM as compliant devices and you can start using Conditional Access on them. Otherwise you can select specific users by adding your group. If you want all users to enroll with Jamf by default leave Assign to the default All users value. Go back to the Partner device management page in MEM console, the connection is now active.Then continue to enter your Application (client) ID and Client Secret that you copied earlier, then click on Save. I know it says Tenant name but the ID is what is required, at least in my testing. For Azure AD Tenant Name, enter your Azure AD Directory ID which you can find in Azure AD -> Properties. Check the Enable Intune Integration for macOS box.Sign in to your Jamf Pro console, then click on Settings and under Global management, select Conditional access.Choose Partner device management and activate the integration by pasting the Application (client) ID you copied earlier, then click Save.Sign in to the MEM console, then click on Tenant administration -> Connectors and tokens. Enable integration in Microsoft Endpoint Manager After this, the app registration is complete.Ģ.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |