Microsoft does not guarantee the accuracy of third-party contact information. This contact information may change without notice. Microsoft provides third-party contact information to help you find additional information about this topic. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products. The third-party products that this article discusses are manufactured by companies that are independent of Microsoft.
JAMF PRO INTUNE SOFTWARE
TCP and UDP ports used by Apple software products.Network endpoints for Microsoft Intune - Apple device network information.Intune’s compliance engine evaluates inventory data from JamfPro and generates a report and enforces conditional access via Azure AD.
JAMF PRO INTUNE PRO
Support Tip: Troubleshooting issues with macOS devices when using Jamf/Intune integration Jamf Pro enforces compliance via the configuration profiles scoped to the macOS device and reports to Intune if the computer is managed based on the local attributes of the device at the time check-in.To fix the issue, make sure that the following TCP ports aren't blocked: This issue occurs if the ports that are required for communication between Jamf Pro and Intune are blocked by your firewall or proxy server. Check the configuration for Microsoft Intune Integration. When you try to configure Microsoft Intune integration in Jamf Pro, you receive the following error message that indicates a connection failure:Ĭould not retrieve the access token for Microsoft Graph API. all of them are show Compliant No.This article solves the connection failure that occurs when you try to integrate Microsoft Intune with Jamf Pro.
JAMF PRO INTUNE REGISTRATION
But we just had all the users registering their devices, the registration part is working fine, the users are members of the smart group that tells Jamf to send status Compliant Yes to Azure but. We had 4 test computers before running in production, i had 1 virtual machine and 3 physical machines and when testing with them it works great.
we are actually now facing a really strange issue. plist settings:Ĭan also advice to create a CP for Microsoft Enterprise SSO for company portal:īut. I can add that we automated the jamfAAD authentication as well by adding a configuration profile (CP) with this. Information and posts may be out of date when you view them. All content on Jamf Nation is for informational purposes only. If that has been created then you know the jamfAAD authentication was done correctly. Jamf does not review User Content submitted by members or other third parties before it is posted. plist file called ist and it's location is under users folder: "/Users/$loggedInUser/Library/Preferences/.plist" The reason it wasn't working before running "jamf manage" was because the jamfAAD authentication never popped up, meaning this part: Devices were showing up in Azure showing MDM "Microsoft Intune" and also the Compliance status Yes/No We later figured out, via other posts here in Jamf community, that if you add in the policy where you are running the payload "Microsoft Device Compliance - Register computers with Azure Active Directory"Ī "File and Processes" payload and "Execute Command" you run "jamf manage", so that basically "jamf manage" runs before registration.Īfter doing this, device registration to Azure was working every time.
We were getting the message "You're all set!" and the device was showing up in Azure AD under devices BUT on MDM it was saying "None" and Compliant "N/A". When we at first were registering devices with Company Portal we had issues. Now, remember you don't find the device object in Intune (meaning ) the devices that has registered with Company Portal are only showing up in Azure AD under devices and that's were you will see the compliance status as well (Yes or No). This also makes the Register button available in Self Service." - Computer members of this smart group is what tells Jamf to send status to Azure. "Applicable Group Smart group containing all computers Jamf Pro uses to send a compliance status to Microsoft Intune. So this smart group is where you wanna set certain criteria, for example Firewall needs to be ON, just one example to meet criteria to be a member of this group and count as being compliant "Yes". So if the device is not a member of this smart group the compliance status will show "No". "Compliance Group Smart computer group Jamf Pro will use to calculate device compliance." - The smart group that is connected to this one is the one that tells Jamf that these devices are Compliant and members here will make it so in Azure compliant is "Yes". We had issues as well in the beginning and we also mixed up the two smart groups at first meaning: I thought I can share how we have done it (it's working but not really and it's getting frustrating, to be honest).
0 kommentar(er)
