Microsoft Intune Integration

By integrating Jamf Pro with Microsoft Intune, organizations can ensure that only trusted users, from compliant devices, using approved applications, are accessing company resources.

Integrating with Microsoft Intune allows you to do the following:

  • Share Jamf Pro computer inventory with Microsoft Intune.

  • Enforce compliance policies defined in Microsoft Intune on computers managed by Jamf Pro.

  • Restrict access to applications set up with Azure Active Directory (Azure AD) authentication (i.e., Office 365).

  • Feature policies for users in the Device Compliance category in Jamf Self Service for macOS.

  • Create a policy registering user computers with Azure AD.

  • View Azure Active Directory ID attributes in Jamf Pro.

This section explains how to configure Microsoft Intune Integration settings in Jamf Pro. For step-by-step instructions on how to integrate with Microsoft Intune, including information on the workflows listed above, see the following technical paper:
Integrating with Microsoft Intune to Enforce Compliance on Macs Managed by Jamf Pro

Requirements

To configure Microsoft Intune Integration settings, you need:

Note: Microsoft Intune Integration is only available for computers running macOS 10.11 or later.

Configuring Microsoft Intune Integration Settings

The Microsoft Intune Integration settings allow you to set up the connection to Microsoft Intune in Jamf Pro. By setting up the connection, you can share inventory attributes with Microsoft Intune and apply compliance policies to computers.

  1. Log in to Jamf Pro.

  2. In the top-right corner of the page, click Settings images/download/thumbnails/17932096/Icon_Settings_Hover.png .

  3. Click Global Management.

  4. Click Microsoft Intune Integration images/download/attachments/17932096/Icon_microsoft_intune_integration.png , and then click Edit.

  5. Select the Enable Microsoft Intune Integration checkbox.
    When this setting is selected, Jamf Pro will send inventory updates to Microsoft Intune. Clear the selection if you want to disable the connection but save your configuration.

  6. Select the location of your Sovereign Cloud from Microsoft.

  7. Click Open administrator consent URL, and follow the onscreen prompts to allow the Jamf Native macOS Connector app to be added to your Azure AD tenant.

  8. Add the Azure AD Tenant Name from Microsoft Azure.

  9. Add the Application ID and Key for the Jamf Pro application from Microsoft Azure.

  10. Click Save. Jamf Pro will test the configuration and report the success or failure of the connection.

When the connection between Jamf Pro and Microsoft Intune is successfully established, Jamf Pro sends inventory information to Microsoft Intune for each computer that has registered with Azure AD. Registering the computer with Azure AD is an end user workflow. You can view Azure Active Directory ID information for a user and a computer in the Local User Account category of a computer’s inventory information in Jamf Pro. For detailed information on Azure AD device registration and inventory attributes sent to Microsoft Intune, see the Integrating with Microsoft Intune to Enforce Compliance on Macs Managed by Jamf Pro technical paper.

Testing the Microsoft Intune Integration

Once the Microsoft Intune Integration settings are configured, you can test the connection to make sure it works.

  1. Log in to Jamf Pro.

  2. In the top-right corner of the page, click Settings images/download/thumbnails/17932096/Icon_Settings_Hover.png .

  3. Click Global Management.

  4. Click Microsoft Intune Integration images/download/attachments/17932096/Icon_microsoft_intune_integration.png .

  5. Click Test.

  6. Click Test again.

A message displays, reporting the success or failure of the connection.

Copyright     Privacy     Terms of Use     Security
© copyright 2002-2018 Jamf. All rights reserved.