General Requirements


Server	Windows Server 2016 or later joined to a domain that has a trust relationship with the domain of the certificate authority For more information about joining the server to a domain that has a trust relationship with the domain of the certificate authority, see the Joining Server Computers to the Domain and Logging On documentation from Microsoft. .NET Framework 4.8 or later To download the .NET Framework, go to https://www.microsoft.com/net PowerShell 5.1 (for the installation script) Note: When upgrading to Jamf Pro 10.30.0 or later, ensure all web applications in clustered environments are able to communicate with the configured Jamf AD CS Connector.
Network	DCOM— The Jamf AD CS Connector uses Microsoft Distributed Component Object Model (DCOM) to communicate with AD CS. You must have the following TCP ports open for this communication: 135 49152-65535 For more information, see the [MS-DCOM]: Distributed Component Object Model (DCOM) Remote Protocol> documentation from Microsoft. HTTPS— Jamf Pro initiates HTTPS connections with the Jamf AD CS Connector, typically on TCP port 443. The HTTPS port must be opened, inbound on: your network firewall the Windows Firewall running on the server on which the Jamf AD CS Connector is installed Important: For clustered, on-premise environments using Jamf Pro 10.30.0 or later, the Jamf AD CS Connector must be reachable from both (or all) nodes. In addition, since the Jamf AD CS Connector host must be bound to the domain, the ports required by Microsoft to support binding should be open between the Jamf AD CS Connector host and AD domain controller. For more information, see the following articles: Network Ports Used by Jamf Pro Primary and Secondary Web Application Responsibilities

	Integrating with Active Directory Certificate Services (AD CS) Using Jamf Pro
	Version 10.30.0 or Later July 2022 \| Other Versions