Introduced in macOS 26 Apple Business Manager (ABM) supports migrating devices from one MDM to another. One unintended feature of this is the ability to use the migration to repair broken MDM communications, including mismatched APNs topics with expired MDM profiles. This saves IT from performing a device erase or going into recovery mode. ThisContinue reading “Fixing MDM Communications With Apple Business Manager Migration”
Author Archives: Isaac
Jamf MSP Co-Management With Jamf Account
MSPs who provide co-managed services with customers using Jamf products face interesting dilemmas when it comes to implementing SSO: Luckily Jamf’s recent implementation of Jamf Account SSO solves these challenges! This post will go over the steps to properly set this up co-management to solve these issues and grant both the MSP and customer accessContinue reading “Jamf MSP Co-Management With Jamf Account”
Jamf Account Group Authorization in Jamf Pro with Okta
With the release of Jamf Pro 11.15 Jamf has been forcing customers to enable Jamf Account OIDC for authentication to use new features. In the default OIDC configuration each admin needs to be manually provisioned in Jamf Pro. As an MSP this is a difficult change to implement when you have to manage multiple consultantsContinue reading “Jamf Account Group Authorization in Jamf Pro with Okta”
Details button not working in Jamf Pro policy logs
Starting with the 11.13 update Jamf Pro administrators have reported that the details button in policy logs isn’t working as intended. Instead of showing the details of the policy clicking this button no longer does anything. This can make troubleshooting policy errors difficult. Fortunately after some discussions on Mac Admins Slack https://www.macadmins.org it’s been identifiedContinue reading “Details button not working in Jamf Pro policy logs”
Major macOS deferrals may rollback security fixes
Apple provides the ability to defer major macOS upgrades to prevent early adoption of major OS versions on managed devices. Having a major deferral in place that’s longer than an existing minor deferral may leave computers with an immediately pending macOS update after a macOS Upgrade, which could cause computers to rollback already applied securityContinue reading “Major macOS deferrals may rollback security fixes”
Undocumented change in Jamf Pro 11.11 limits policy logs
In Jamf’s November 2024 Jamf Pro 11.11 update Jamf silently added in a 25 KB limit to policy log output. This will limit the your ability to troubleshoot scripts that fail to run with an output more than 25 KB. Jamf support notes that this is to prevent “server degradation”. There is no public documentationContinue reading “Undocumented change in Jamf Pro 11.11 limits policy logs”
How to run unsigned apps in macOS 15.1
Apple uses code signatures to verify app are created by a specific developer and haven’t been tampered with. This is done through Apple’s Gatekeeper process which blocks execution of known bad code or code with no signature at all. In versions of macOS prior to 15.1 you bypass this block by going to System SettingsContinue reading “How to run unsigned apps in macOS 15.1”
Tricking require an admin password to access system-wide settings
Summary macOS has a setting under System Settings > Security and Privacy > Advanced called “Require an administrator password to access system-wide settings” (I’m going to call it “require admin setting” from here out). The help section describes this option as “Prevent users from changing locked system settings without an administrator’s password.” Unfortunately the settingContinue reading “Tricking require an admin password to access system-wide settings”
Jamf Pro Framework Not Installing or Redeploying
Starting on or around Monday June 26th we recently ran into some issues where the Jamf Pro Binary located at /usr/local/bin/jamf was missing on newly enrolled computers. The computers would be MDM enrolled but and would receive configuration profiles but the Jamf Management Framework, including Self Service and the jamf binary would be missing. BecauseContinue reading “Jamf Pro Framework Not Installing or Redeploying”
Capturing Jamf Protect Diagnostics to S3
While it doesn’t happen often at all sometime your staff will have issues performance issues with Jamf Protect. This was apparent for us recently with an issue that was patched in 3.1.4.425, which was compounded by a Unified Logging filter that generated a lot of information. In the process of gathering logs for support weContinue reading “Capturing Jamf Protect Diagnostics to S3”
IT Notes 