What's New

Compatibility with iOS and tvOS

Jamf Pro 10.7.0 provides compatibility with iOS 12 and tvOS 12. This includes compatibility for the following management workflows:

  • Enrollment and inventory reporting

  • Configuration profiles

  • App distribution

  • Self Service installation

  • Self Service launches and connections

  • App distribution via Self Service

Compatibility with macOS 10.14 will be provided in an upcoming release of Jamf Pro.

Configuration Profiles

Computer Configuration Profiles Enhancements

The following table provides an overview of the computer configuration profile enhancements in this release, organized by payload:

Setting

OS Requirement

Description

Exchange

Use OAuth for authentication

macOS 10.14 or later

Jamf Pro now allows OAuth authentication. When this is selected, a password is not required.

AD Certificate

Enable Automatic Renewal

macOS 10.13.4 or later

You can now allow a certificate obtained with the AD Certificate payload to attempt to renew automatically.

Restrictions

Allow proximity based password sharing requests

macOS 10.14 or later

You can now allow computers to share passwords with other nearby computers.

Allow password sharing

macOS 10.14 or later

You can now allow users to share passwords via Airdrop.

Allow password AutoFill

macOS 10.14 or later

You can now allow users to use AutoFill passwords and saved passwords in Safari and other apps.

SCEP

Allow export from keychain

macOS 10.13.4 or later

You can now allow the private key to be exported from the keychain.

Allow access to all apps

macOS 10.13.4 or later

You can now allow all apps to access the certificate in the keychain.

VPN

Enable VPN On Demand

macOS 10.11 or later

Jamf Pro now allows you to configure VPN On Demand rules. You can specify when and how devices are able to access your VPN services. To configure this feature, you must upload a configuration XML file that contains your rules. This feature is available for any supported VPN type.
Note : This feature was made available in Jamf Pro 10.6.2.

Mobile Device Configuration Profile Enhancements

The following table provides an overview of the mobile device configuration profile enhancements in this release, organized by payload:

Setting

OS Requirement

Details

Exchange ActiveSync

Use OAuth for authentication

iOS 12 or later

Jamf Pro now allows OAuth authentication. When this is selected, a password is not required.

Restrictions

Allow proximity based password sharing requests

Supervised devices with iOS 12 or later, tvOS 12 or later

You can now allow devices to share passwords with other nearby devices.

Force automatic date and time

Supervised devices with iOS 12 or later

You can now force the date and time to be set automatically.

Allow password sharing

Supervised devices with iOS 12 or later

You can now allow users to share passwords via Airdrop.

Allow password AutoFill

Supervised devices with iOS 12 or later

You can now allow users to use AutoFill passwords and saved passwords in Safari and other apps.

VPN

Enable VPN On Demand

iOS 8 or later

Jamf Pro now allows you to configure VPN On Demand rules. You can specify when and how devices are able to access your VPN services. To configure this feature, you must upload a configuration XML file that contains your rules. This feature is available for any supported VPN type.
Note : This setting was made available in Jamf Pro 10.6.2.

PreStage Enrollment Enhancements

Additional Skip Steps

You can now select the following skip steps for computer and mobile device PreStage enrollments:

  • True Tone Display (macOS only)

  • Choose your Look (macOS only)

  • Software Update (iOS only)

  • Screen Time (iOS only)

  • iMessage and FaceTime (iOS only)

Jamf Pro Server Tools Command-Line Interface for On-Premise Installations

Starting with Jamf Pro 10.7.0, the Jamf Pro installers include a software tool called the Jamf Pro Server Tools command-line interface (CLI) that you can use to perform the following server and database maintenance tasks:

  • Start, stop, and restart the Jamf Pro server

  • Start, stop, and restart the MySQL server

  • Back up and restore the database

  • Convert the MySQL database storage engine to InnoDB

The CLI simplifies the above tasks. Existing methods using the Jamf Pro database utility will still work. The CLI will replace the Jamf Pro database utility in a future release of Jamf Pro.

The CLI is available in the "bin" directory in your Jamf Pro installation:

  • Linux: /usr/local/jss/bin/jamf-pro

  • macOS: /Library/JSS/bin/jamf-pro

  • Windows: C:\Program Files\JSS\bin\jamf-pro.exe

For additional information on using the CLI, see the Using the Jamf Pro Server Tools Command-Line Interface Knowledge Base article.

Smart Computer Groups and Advanced Computer Search Enhancements

Performance improvements have been made to smart computer group and advanced computer search calculations.

In addition, smart computer groups and advanced computer searches can now match certain criteria against a regular expression. To use this feature in Jamf Pro, navigate to Computers > Smart Computer Groups for a smart computer group search or Computers > Search Inventory for an advanced computer search. Navigate to the Criteria tab, where you can now choose “matches regex” or “does not match regex” as an operator.

Jamf Self Service for iOS

Jamf Self Service 10.7.0 includes the following enhancements:

  • Accessibility Improvements—Improved VoiceOver support in Jamf Self Service for iOS.

  • Stability Enhancements—Improved the stability of Jamf Self Service for iOS.

Note: Jamf Self Service 10.7.0 will be available from the App Store when it is approved by Apple.

macOS Intune Integration Enhancements

  • When configuring a Conditional Access policy in Microsoft Intune, you can now select the All cloud apps option instead of selecting individual apps. To ensure you are still able to register new devices and monitor devices, on the Exclude tab in Intune, select the "Jamf Native macOS Connector" app and the "Microsoft Intune Enrollment" app.
    Important: All end users in the scope of the macOS Intune Integration policy who have registered their Mac computers with Azure Active Directory will be prompted to log in to Microsoft Azure after upgrading to Jamf Pro 10.7.0.

  • The Integrating with Microsoft Intune to Enforce Compliance on Mac Computers Managed by Jamf Pro technical paper has been updated to include all inventory attributes shared with Microsoft Intune.

Best Practice Workflows for Jamf Pro

Best Practice Workflows for Jamf Pro provide step-by-step instructions to help you better understand and master key concepts in Jamf Pro. The following Best Practice Workflows are now available:

Jamf Pro API Changes and Enhancements

The Jamf Pro API beta is open for user testing. The base URL for the Jamf Pro API is /uapi. To access the Jamf Pro API documentation, append "/uapi/doc" to your Jamf Pro URL. For example: https://jss.mycompany.com:8443/uapi/doc

Note: As the Jamf Pro API continues to be developed, changes will be made in future releases that may impact or break functionality. We strongly encourage that you test existing workflows using the Jamf Pro API before upgrading your production environment.

  • The following endpoints for advanced mobile device searches have been added under the /devices tag:

    • GET /devices/advancedSearches

    • POST /devices/advancedSearches

    • GET /devices/advancedSearches/choices

    • POST /devices/advancedSearches/deleteSearches

    • GET /devices/advancedSearches/{id}

    • PUT /devices/advancedSearches/{id}

    • DELETE /devices/advancedSearches/{id}

  • The GET /devices/extensionAttributes endpoint has been added for mobile device extension attributes under the /devices tag.
    Note: The only valid query parameter for this endpoint is "select=name". Failure to input "name" will result in a 404 error.

  • The following endpoints for Single Sign-On (SSO) have been added under the /settings tag:

    • GET /settings/sso

    • PUT /settings/sso

    • GET /settings/sso/cert

    • POST /settings/sso/cert

    • PUT /settings/sso/cert

    • DELETE /settings/sso/cert

    • GET /settings/sso/metadata/download

    • GET /settings/sso/cert/download

    • GET /settings/sso/history

    • POST /settings/sso/history/notes

Warning: Server-side validation has not been implemented for the PUT /settings/sso and PUT /settings/sso/cert endpoints. This allows invalid SSO configurations to be set via requests to these endpoints.

Jamf Pro API Removals

  • The languageName key has been removed from the EnrollmentProcessTextObject and LegacyEnrollmentProcessText models.

  • The categoryName key has been removed from the Script model.

Other Changes and Enhancements

  • You can now automatically force apps to update on computers and mobile devices independently of the app updating in Jamf Pro.

  • You can now install Mac App Store apps on computers without requiring the local user account to be MDM-enabled or without requiring that an end user be logged in.

  • Jamf Pro now enables you to install Apple TV apps on Apple TV devices with tvOS 12 or later via VPP-managed distribution.

  • You can now prevent a user from enabling Activation Lock on their mobile device. You can also use Jamf Pro to enable Activation Lock directly on the device. These options can be selected when enrolling devices with Jamf Pro using a PreStage enrollment. In addition, a secondary Activation Lock Bypass code is available for the device in the inventory information if Activation Lock has been enabled directly on the device.
    For more information about Activation Lock and Jamf Pro, see the Leveraging Apple's Activation Lock Feature with Jamf Pro Knowledge Base article.

  • You can now update mobile devices with iOS 11.3 or later to a specific iOS version.

Further Considerations

  • Privileges associated with new features in Jamf Pro are disabled by default.

  • It is recommended that you clear your browser's cache after upgrading Jamf Pro to ensure that the Jamf Pro interface displays correctly.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2018 Jamf. All rights reserved.