![]() I prefer to call it Light Touch Deployment. If it was truelly zero touch I would be able to open my mac and everything would already be done. I highly recommend using Dan Snelson's great Setup Your Mac:Īs a side rant.I really don't like the term zero touch. Were on Prem and have a very similar solution to this. All the apps and settings get installed and then force the user to logout to activate Filevault.Ideally you want to have your user blocked from doing anything on the mac until its complete This is were you set up something fancy with swiftDialoug or any of the other options. At desktop, EnrollmentComplete trigger should fire off from JAMF.(If you don't have JAMF connect, user might need to input password here).MDM authenticates user and creates account.Wifi connect to apple, tells it the url of the MDM.User gets mac and opens it up.logs into wifi.Assuming you have everything above here's how in theory it would work: Ideally have an authentication method for the user.AD works. There are some great suggestions already.but I'll add my 3 cents. Like do you guys use Apple Business Manager? Volume Purchasing Program? APNS set up? Jamf connect? Because that will determine somethings in JAMF settings. I think we need a bit more information here. This doc covers how to open internet an on prem JAMF instance. You may want to take a look at the Jamf 100 course, it's free online and covers the basics of Jamf Pro. User logs in the comp portal to register the Mac with Azure (intune) (assuming Azure is open internet if the Mac is off prem) Jamf Pro allows for a Zero Touch deployment along with software management, security and MDM entirely separate from Jamf Connect. ![]() User logs in to macOS using their LAN credentials.You need to find a modern IDP solution like JAMF Connect. If the user is off prem you cant domain bind nor can they log in with a mobile account if even the device is domain bound as the Mac cant see the domain controller. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |