An icon used to represent a menu that can be toggled by interacting with this icon.
Now that we have configured the connection between EMS and Jamf Pro we need to make sure that the macOS devices can also be registered to Azure AD. To be able to complete the scenario we need to do the following;
- configure compliance policies
- deploy the company portal app with Jamf Pro
- create a Jamf policy that users need to register their device with Azure AD.
JAMIN on OS X I am not used to the terminal nor programmation. I used in the seventies to program on hard cards when I was a student I then started Personal Computing mid eighties on a Macintosh Plus, forgetting the archaic lines of code of DOS. I am testing ARDOUR 2 beta 8 on my G4 1,3 Ghz. This guide provides step-by-step instructions on how to deploy macOS upgrades and updates with Jamf Pro. Hello, I hope everyone enjoys this video!I noticed some jammers couldn't log in on AJ classic & AJ so I decided to teach you how to download it then play!Ple. Share your videos with friends, family, and the world.
Configuring compliance policies need to be done in Microsoft Intune, for macOS devices you are able to check compliance for the following options;
- Check if system integrity protection is enabled on the device.
- Minimum and maximum OS version
- check if a password is required to unlock the device
- check if complexity of the password is configured.
- check if encryption is enabled.
In this blog I will require encryption to be enabled and require that the minimum macOS version is 12. (a non-existing value)
The Intune Company Portal is not available in the App Store of Apple, so we need to download it from Microsoft and create a policy to deploy it to the macOS devices.
- First download the latest version of the Intune Company Portal for macOS.
- In the Jamf Pro admin console, go to Management Settings, Computer Management and click Packages.
- Click New, click Choose File and browse to the file called CompanyPortal-Installer.pkg.
- Click Save and wait until the file is uploaded.
- Click Computers and Policies.
- Click New, and supply a display name
- Enable the options Enrollment Complete and Recurring Check-in.
- Click Packages and Configure.
- Click Add next CompanyPortal-Installer.pkg.
- Leave the action to Install and set the correct scope (eg All Computers and/or All Users).
- Click Save.
The last part of the configuration is creating a policy that forces the users to register their device with Azure AD.
- Still in the Jamf Pro admin console, go to Computers, Policies and click New.
- Supply a Name and click on the Microsoft Intune Integration payload.
- Click Configure
- Enable the checkbox Register computers with Azure Active Directory and click Scope to scope the deployment of the policy.
- Click Self Service and enable Make the policy available in Self Service.
- Click Save.
In Microsoft Intune you will see the macOS device appearing and you will see that it is managed by Jamf. And in this case it is not compliant.
View more information about why the device is not compliant in the Microsoft Intune console.
In the Jamf Pro console you see the device with the Azure AD information.
After the device is remediated, it will be reported as compliant.
The end user needs to go through some manual steps to register the Jamf managed device with Azure AD, so that the inventory can be shared with Microsoft Intune.
Registering the device
In the Self Service app from Jamf the user needs to start the Azure AD registration application to start the registration in Azure AD. The Intune Company Portal is automatically installed.
After starting the registration app, the Company Portal will automatically be started. Login with the user account you want to use to register the device.
Authenticate for the second time.
After the registration is done you will receive the message that the company access setup is completed.
Remediation of compliance issues
If a device is not compliant as shown below you can fix it via the Company Portal.
Click Fix It to see why the device is not compliant
Fix the issues and check the compliance state of the device again via Check Compliance.
After the fixing the issues the device is marked as compliant again.
While testing the solution the following notes were taken.
- After enrolling the device in Jamf Pro, be sure that the inventory has ran before starting the registration via the Company Portal.
- Don’t start the company portal manually for the registration, the company portal must automatically be started via the AD registration policy.
- Initiate a Policy scan on a macOS device via “sudo jamf policy”
- Initiate an Inventory scan on a macOS device via “sudo jamf recon” (by default inventory runs weekly)
- Only inventory from Jamf Pro is shared with Microsoft Intune
- Only the object ID’s of the user and device in Azure AD are shared from Azure AD with the Jamf Pro cloud
- Running the Test in Jamf Pro to test the connection is a good way to initiate a sync between the two cloud services.
Looking at this integration I think it is a great addition when you already manage your devices with Jamf Pro and you want to control access to Office 365 and/or Azure services via Conditional Access.
- Jamf Pro and Microsoft EMS better together – macOS devices – part 3 (this blog)
Comments
Triples the Music Content for Revolutionary New GarageBand Music Creation Software
MACWORLD EXPO, SAN FRANCISCO—January 6, 2004—Apple® today introduced Jam Pack, an add-on music content package for Apple’s revolutionary new GarageBand™ music creation software, announced today as part of iLife™ ‘04. Jam Pack triples the music content for musicians and aspiring musicians alike with over 2,000 additional loops including many for hip-hop and electronica; over 100 additional software instruments, including a concert grand piano and 12 string guitars; over 100 additional pro-quality effects presets; and 15 additional guitar amps, including surf, grunge, heavy blues and atmospheric.
“GarageBand is like having over 50 musical instruments, a studio of professional musicians and the best recording engineers right at your fingertips,” said Steve Jobs, Apple’s CEO. “And Jam Pack takes GarageBand even further, with even more professional-quality instruments, loops, effects and guitar amps.”
GarageBand turns the Mac® into a high-quality musical instrument and complete recording studio, allowing both novice and seasoned musicians alike to easily play, record and create amazing music using a remarkably simple interface. With GarageBand, recorded performances, digital audio and looping tracks can easily be arranged and edited like building blocks to create a song. GarageBand comes with more than 50 software instruments, including a premium-quality grand piano, that can be played and recorded with any USB or MIDI music keyboard. Over 1,000 professionally pre-recorded audio loops can be combined to make complete songs or backing tracks. Vocals and live instruments such as guitars can be recorded digitally via microphone or analog input. All these tracks can be edited and mixed together with over 200 pro-quality effects presets, including pro-quality effects such as reverb and echo, and the built-in expertise of professional recording engineers. With GarageBand’s advanced modeling technology, guitar players have access to some of the most revered vintage amplifier sounds with 6 guitar amps, including clean jazz, arena rock and British invasion. GarageBand can also export completed songs to iTunes® for burning to CD, encoding in MP3 or high quality AAC, transfer to iPod™ or for use in the other iLife applications.
Pricing & Availability
Jam Pack will be available on January 16 for a suggested retail price of $99 (US) at the Apple Store® (www.apple.com), Apple’s retail stores and through Apple Authorized Resellers. GarageBand will be available on January 16, as part of iLife ‘04, for a suggested retail price of $49 (US) through the Apple Store (www.apple.com), Apple’s retail stores and Apple Authorized Resellers. GarageBand will also be included with all new Macs. An iLife Up-To-Date upgrade package, which includes GarageBand, is available to all customers who purchase a new Mac on or after January 6 that does not include iLife ‘04. The iLife Up-To-Date package is available for a shipping and handling fee of $19.95 (US).
Jam Pack will be available on January 16 for a suggested retail price of $99 (US) at the Apple Store® (www.apple.com), Apple’s retail stores and through Apple Authorized Resellers. GarageBand will be available on January 16, as part of iLife ‘04, for a suggested retail price of $49 (US) through the Apple Store (www.apple.com), Apple’s retail stores and Apple Authorized Resellers. GarageBand will also be included with all new Macs. An iLife Up-To-Date upgrade package, which includes GarageBand, is available to all customers who purchase a new Mac on or after January 6 that does not include iLife ‘04. The iLife Up-To-Date package is available for a shipping and handling fee of $19.95 (US).
GarageBand and Jam Pack require Mac OS® X v10.2.6 or later, QuickTime® 6.4 or later, a Macintosh® computer with PowerPC 600 MHz or faster G3, G4, or G5 processor, 256MB or more physical RAM and a 1024x768 or larger display. A G4 or G5 processor is required for GarageBand software instruments.
Apple ignited the personal computer revolution in the 1970s with the Apple II and reinvented the personal computer in the 1980s with the Macintosh. Apple is committed to bringing the best personal computing experience to students, educators, creative professionals and consumers around the world through its innovative hardware, software and Internet offerings.
Press Contacts:
Lara Vacante
Apple
(408) 974-7142
larav@apple.com
Lara Vacante
Apple
(408) 974-7142
larav@apple.com
Champion Mac Os Update
Apple, the Apple logo, Macintosh, Mac, Mac OS, GarageBand, iLife, iTunes, iPod, Apple Store and QuickTime are either registered trademarks or trademarks of Apple. Other company and product names may be trademarks of their respective owners.