Managing Policies

When you create a policy, you use a payload-based interface to configure settings for the policy and add tasks to it. For more information on the settings you can configure, see Policy Payload Reference.

After you create a policy, you can view the plan, status, and logs for the policy. You can also flush policy logs.

Note: To run a policy on a computer, the Allow Jamf Pro to perform management tasks checkbox must be selected in the computer inventory information. For more information on the management account, see About Computer Enrollment.

Creating a Policy

  1. Log in to Jamf Pro.

  2. Click Computers at the top of the page.

  3. Click Policies.

  4. Click New images/download/thumbnails/67633307/Icon_New_Button.png .

  5. Use the General payload to configure basic settings for the policy, including the trigger and execution frequency.
    For an overview of the settings in the General payload, see General Payload.

  6. Use the rest of the payloads to configure the tasks you want to perform.
    For an overview of each payload, see Policy Payload Reference.

  7. Click the Scope tab and configure the scope of the policy.
    For more information, see Scope.

  8. (Optional) Click the Self Service tab and make the policy available in Self Service.
    For more information, see Making Items Available to Users in Jamf Self Service for macOS.

  9. (Optional) Click the User Interaction tab and enter messages to display to users or allow users to defer the policy.
    For more information, see User Interaction.

  10. Click Save.

Running a Policy

There are two ways to run a policy with a pre-defined trigger. You can run a policy using the following methods:

  • Wait until the configured trigger event occurs.

  • Manually trigger the policy using the jamf binary.

If the policy has a pre-defined trigger, replace <triggerName> with the appropriate value. The following is a list of pre-defined triggers:

  • Startupstartup

  • Loginlogin

  • Logoutlogout

  • Network State ChangenetworkStateChange

  • Enrollment CompleteenrollmentComplete

  • Recurring Check-in—None (execute sudo jamf policy -verbose)

If the policy has a custom trigger, replace <triggerName> with the custom trigger name specified in the policy.

A policy with a custom trigger must be run manually using the jamf binary. Run policies using the following command on managed computers:

sudo jamf policy -event <triggerName> -verbose

Viewing the Plan for a Policy

The plan for a policy includes the following information:

  • An indicator light that shows whether the policy is enabled

  • The execution frequency for the policy

  • The triggers for the policy

  • The scope of the policy

  • The site that the policy belongs to

  • A list of actions for the policy

  1. Log in to Jamf Pro.

  2. Click Computers at the top of the page.

  3. Click Policies.
    A list of policies and their plans are displayed.

  4. To view the actions for a policy, click Expand images/download/thumbnails/67633307/Icon_Expand.png for the policy.

Viewing the Status of a Policy

For each policy, you can view a pie chart that shows the number of computers for which the policy has completed, failed, and is still remaining.

  1. Log in to Jamf Pro.

  2. Click Computers at the top of the page.

  3. Click Policies.

  4. Click Grid View images/download/thumbnails/67633307/Icon_Grid_View.png at the top of the list.

Viewing and Flushing Logs for a Policy

The logs for a policy include a list of computers that have run the policy and the following information for each computer:

  • The date/time that the policy ran on the computer

  • The status of the policy

  • The actions logged for the policy

  1. Log in to Jamf Pro.

  2. Click Computers at the top of the page.

  3. Click Policies.

  4. Click the policy you want to view logs for.

  5. Click Logs.

  6. To view the actions logged for a computer, click Show for the computer.
    To hide the information when you are done viewing it, click Hide.

  7. To flush a policy log for a single computer, click Flush for the computer.

  8. To flush all logs for the policy, click Flush All at the bottom of the pane.

Related Information

For related information, see the following sections in this guide:

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.