What's New

User Approved MDM Profile Notification

You can now notify users in Self Service and in Notification Center that they must approve your organization’s MDM profile.

Users are notified via a pop-up dialog every time they launch Self Service and via a Notification Center notification that is automatically sent once per week or after Tomcat is restarted. In order to approve your organization’s MDM profile, end users must be able to access the Profiles pane in System Preferences.

Note: This feature is enabled by default. However, the Notification Center notification will not be sent unless Self Service Notifications are enabled and a valid proxy server token is uploaded to Jamf Pro.

To access this feature in Jamf Pro, navigate to Settings > Computer Management - Management Framework > Self Service > Configuration.

Mobile Device Configuration Profiles

The following table provides an overview of the mobile device configuration profile enhancements in this release, organized by payload:

Setting

OS Requirement

Description

TV Remote

 

iOS 11.3 or later
tvOS 11.3 or later

You can now configure the TV Remote payload for mobile devices to restrict Apple TV Remote app connections, and define available Apple TV destinations.

Home Screen Layout

Dock Layout/Page Layout

Supervised devices with iOS 11.3 or later

You can now add web clips to the Home Screen Layout payload when your configuration includes the Web Clips payload.

Important: The following settings must match the respective fields in both payloads:

  • The Display Name field in the Home Screen Layout payload must match the Label field in the Web Clips payload.

  • The Unique ID field in the Home Screen Layout payload must match the URL field in the Web Clips payload.

Note: When you deploy configuration profiles with the Home Screen Layout payload with web clips to a device with iOS 11.2 or earlier, the Dock layout items may fail to display.

Mobile Device Remote Commands

You can now prevent users from being prompted to configure their wiped device using Proximity. To prevent the use of Proximity during set up, select the Suppress Proximity Setup checkbox when wiping mobile devices with iOS 11.3 or later. This command can be sent as a remote command or a mass action.

Webhooks Enhancements

The following features have been added to the Webhook settings:

  • Basic Authentication—You can now use the username and password option for Basic Authentication when configuring a webhook. When specified, the credentials will be included in the Authorization header sent to your webhook receiver.
    Note: It is recommended to use HTTPS (TLS) connections whenever a webhook may contain authentication or other sensitive information.

  • Webhook events for specific smart device groups—You can now choose which smart device group will trigger the "SmartGroupMobileDeviceMembershipChange" webhook event. The webhook message will include all devices that have been added or removed from a smart device group.
    Note: When a smart device group associated with a webhook is deleted, a warning displays in Jamf Pro.
    More information can be found on the Jamf Developer Portal:
    https://developer.jamf.com/webhooks#smartgroupmobiledevicemembershipchange

Entrust CA Integration

You can now integrate with an Entrust Certificate Authority to enroll computers and mobile devices with Jamf Pro and to issue device certificates.

Microsoft Intune Integration Enhancements

  • Change in logging output from jamfAAD for computers registered with Azure Active Directory
    This version of jamfAAD adopts Apple's Unified Logging that uses a Mac system-wide database to store log data (available for macOS 10.12 or later). You may see the log information for a computer by using the Console.app program on a Mac, or from Terminal using the following command:

    log show --predicate 'subsystem CONTAINS "jamfAAD"' --last 30m
    Note: The "--last 30m" option can be changed to other time frames of interest.

  • The Microsoft Intune Integration connection test setting now appears inside the Microsoft Intune Integration settings page and is available without going into edit mode.

Recon Timeout

You can now set the communication timeout in Recon. The default timeout is two minutes. To access this feature in Recon, navigate to Preferences > Jamf Pro Server.

Upcoming GDPR Support

Jamf is committed to complying with the EU General Data Protection Regulation (GDPR) when it becomes enforceable on May 25, 2018. Jamf is also committed to updating our products to help our customers comply with applicable GDPR requirements. Information describing GDPR compliance workflows will be available with an upcoming supplemental release of Jamf Pro.

Further Considerations

  • Privileges associated with new features in Jamf Pro are disabled by default.

  • It is recommended that you clear your browser's cache after upgrading Jamf Pro to ensure that the Jamf Pro interface displays correctly.

Copyright     Privacy     Terms of Use     Security
© copyright 2002-2018 Jamf. All rights reserved.