Deprecations and Removals

Deprecations

The following items were deprecated in this release:

  • ReconJamf will stop distributing Recon in a future release of Jamf Pro (estimated removal date: November–December 2022).
  • Jamf Self Service Web ClipJamf will remove the Automatically install Self Service web clip option from Jamf Pro in a future release of Jamf Pro (estimated removal date: January 2023).

The following items were deprecated in a previous release:

  • Removal of unverified SSL certificates in Jamf ProIn a future release of Jamf Pro the option to use an unverified SSL certificate for Jamf Pro will be removed. Customers with Cloud-hosted environments and those with a verified third-party certificate will see no changes. Customers with On-Premise environments using Jamf Pro's built-in certificate authority to issue SSL certificates need to move to a trusted third-party certificate.
  • Nonsecure communication to and from the Jamf management frameworkBeginning in an upcoming release of Jamf Pro, the Jamf management framework on managed computers will only allow communication over HTTPS. This will not affect management functions or communication with the Jamf Pro server, but workflows involving distribution points that are configured to communicate over HTTP without SSL will no longer be viable. In addition, the Use SSL setting in Jamf Pro (Settings > File Share Distribution Points > Distribution Point > HTTP/HTTPs > Use HTTP Downloads > Use SSL) will be permanently enabled for all file share distribution point configurations and removed from the Jamf Pro interface. This change does not affect workflows with cloud distribution points or cloud distribution point settings in Jamf Pro.
  • Conditional Access On-Premise SupportJamf will discontinue Conditional Access support in a future release of Jamf Pro (estimated removal date: late 2023) due to the migration away from Microsoft's Partner Device Management legacy API. Jamf will be offering an alternative solution called macOS Device Compliance using Microsoft's new Partner Compliance Management API in 2022. Customers who currently use macOS Conditional Access will need to move their workflows to macOS Device Compliance in Jamf Cloud. For more information on Jamf Cloud support, contact Customer Success.
  • Sign QuickAdd Package functionality for User-Initiated Enrollment settingsThe Sign QuickAdd Package checkbox in User-Initiated Enrollment settings will be removed in an upcoming release of Jamf Pro. This functionality is only used in legacy enrollment workflows involving QuickAdd packages and does not affect the user-initiated enrollment workflow.
  • Microsoft Azure AD Graph for Conditional AccessJamf will discontinue support of Azure AD Graph for Conditional Access in a future release of Jamf Pro (estimated removal date: December 2022) due to the deprecation of Microsoft's Azure AD Graph. If you previously modified the conditionalAccessDomains.json file, Jamf recommends editing the file to add the "msGraphResourceUrl": "https://graph.microsoft.com/" property into GLOBAL settings and "msGraphResourceUrl": "https://graph.microsoft.us/" into US_GOVERNMENT settings. For more information on this deprecation, see the following documentation from Microsoft:

    Migrate Azure AD Graph apps to Microsoft Graph

  • Installation Location field in Jamf Self Service for macOS settings

    Starting with the release of Jamf Pro 10.37.0, hosting the Jamf Pro server on macOS will no longer be supported. Mac computers with Apple silicon are not supported by the Jamf Pro Installer for macOS. In addition, the Jamf Pro Installer for macOS will not be available to download. The Jamf Pro utilities that were included in the Jamf Pro Installer for macOS—Composer, Jamf Admin, Jamf Recon, and Jamf Remote—will be made available as a separate download.

    The Installation Location field will be removed from Settings > Self Service > macOS in a future release of Jamf Pro. The default installation of Self Service will be located in the /Applications folder. Jamf recommends moving your Self Service folder into the /Applications folder before this removal.
  • Basic authenticationBasic authentication in the Classic API will no longer be enabled by default for new Jamf Pro instances for enhanced security (target release: Jamf Pro 10.43.0). Support for Basic authentication will be removed in a future release. Jamf will provide additional information at a later date. To disable Basic authentication before support is removed, navigate to Settings > Jamf Pro User Accounts & Groups > Password Policy and deselect the Allow Basic authentication in addition to Bearer Token authentication checkbox.
  • TLS 1.0 and 1.1 in Java 11The TLS 1.0 and 1.1 communication protocols used in Java 11 will be disabled in a future release of Jamf Pro. You can disable TLS 1.0 and 1.1 before that time by performing the instructions in the following article: Disabling TLS 1.0 and 1.1 in Java 11.
  • Cache name SettingThe Cache name setting will be removed from the Single Sign-On Extensions payload in computer and mobile device configuration profiles in a future release because Apple deprecated them.
  • Computer Inventory Collection for PluginsThe ability to collect plugins for computers (Settings > Computer Management > Inventory Collection > Plugins) will be removed in a future release of Jamf Pro.
  • Password expiration, Replication time SettingsThe Password expiration and Replication time settings will be removed from the Single Sign-On Extensions payload in computer configuration profiles in a future release because Apple deprecated them.
  • blacklistedAppBundleIDs, whitelistedAppBundleIDs, Whitelist KeysThe blacklistedAppBundleIDs, whitelistedAppBundleIDs, and Whitelist keys will be removed from mobile device configuration profiles in a future release because Apple deprecated them.
  • Skip Display Tone and Skip Home button sensitivity SettingsThe Skip Display Tone and Skip Home button sensitivity settings will be removed from the Skip Setup Items payload for mobile device configuration profiles in a future release.
  • True Tone Display SettingThe Home Button Sensitivity and True Tone Display settings will be removed from the General payload for computer and mobile device PreStage enrollments in a future release.
  • Home Button Sensitivity SettingThe Home Button Sensitivity setting will be removed from the General payload for the mobile device PreStage enrollment in a future release.
  • Functionality to issue the Tomcat SSL/TLS certificate from Jamf Pro's built-in certificate authorityJamf Pro's functionality to issue the Tomcat SSL/TLS certificate from the JSS built-in certificate authority (CA) will be discontinued in an upcoming release of Jamf Pro. The release version for this change has not been determined. Before this change occurs, it is recommended that all on-premise Jamf Pro instances leveraging this functionality switch to a publicly trusted third-party CA to issue the Tomcat SSL/TLS certificate. This will prevent the potential loss of MDM communication from Jamf Pro to enrolled devices. If needed, a Tomcat SSL/TLS server certificate for Jamf Pro may be issued from an internal certificate authority. The JSS built-in CA will maintain its current ability to manually issue server certificates to other servers.
  • Patch management software titlesSome Jamf patch management software titles have been deprecated and replaced with updated titles. These titles are each labeled as a legacy definition in Jamf Pro. Software titles marked as legacy definitions will continue to be updated as new versions become available; no action is required at this time.
  • The "DIGEST-MD5" authentication type option"DIGEST-MD5" will be removed from the authentication type options in a future release of Jamf Pro. This authentication type option displays when configuring an LDAP server to use Jamf Infrastructure Manager as a proxy server.
  • Device-specific Limited Access settings

    The Computer Access Only and Mobile Device Access Only Limited Access settings will be removed in a future release. Jamf Pro web app instances with one of these settings configured will automatically be updated to the Computer and Mobile Device Access setting. Administrators will only be able to assign Full Access or Computer and Mobile Device Access privileges after the deprecation.

  • "Synced to Computer" advanced mobile device criteriaThe advanced mobile device search criteria "Synced to Computer" will be removed in an upcoming release.
  • Support for Windows Server 2012 R2Support for Windows Server 2012 R2 will be discontinued in a future release.
  • Personal Device ProfilesIn conjunction with User Enrollment, Jamf intends to remove personal device profiles from Jamf Pro in a future release.
  • Webhook responses for ComputerPolicyFinished and ComputerCheckIn

    The ComputerPolicyFinished and ComputerCheckIn webhook responses will be modified to include additional information in a future release of Jamf Pro. These changes may break integrations that currently utilize these event types. For more information on specific changes and how you can adapt existing integrations to support the new response bodies, see Webhooks in the Jamf developer resources.

  • Supervise Devices and Make MDM Profile Mandatory settings in a Mobile Device PreStage enrollmentThe ability to supervise devices and require the user to install the MDM Profile during enrollment with a PreStage enrollment will be required and will be built-in functionality in a future release of Jamf Pro. As a result, these settings will be removed from the Jamf Pro user interface.
  • User-generated content in SiriThe User-generated content in Siri setting will be removed from the Restrictions payload for mobile device configuration profiles in a future release.
  • forceClassroomManagedClassroomScreenObservation key

    The forceClassroomManagedClassroomScreenObservation key will be removed from the Restrictions payload for mobile device configuration profiles in a future release. It will be replaced with the forceClassroomUnpromptedScreenObservation key.

  • IfLostReturnTo Message key

    The grayscale key will be removed from the Accessibility payload for computer configuration profiles in a future release.

  • Jamf Pro URL for Enrollment Using Built-In SCEP and iPCUSupport for Apple's iPhone Configuration Utility (iPCU) was removed in a previous release and support for Non-HTTPS communication with the Jamf Pro Server by defining an HTTP URL will be removed from Settings > Global Management > Jamf Pro URL in a future release.
  • Support for non-certificate based client communication with the Jamf Pro ServerThe Enable certificate-based authentication checkbox will be removed from Settings > Computer Management > Security in a future release.

Removals

Correction

The following items were removed in an earlier release of Jamf Pro and inadvertently not included in the Removals list:

  • Hide Restore partition at login setting
  • Self Service for macOS 9.101.0 and earlier
  • Enable user-level Managed Preferences setting
Removed in version...Item Removed or DiscontinuedDescription

10.40.0

Jamf Remote

Jamf Remote has been removed from Jamf Pro.

This includes the screen sharing workflow using Jamf Remote. Jamf recommends to use TeamViewer for remote administration. For instructions on how to integrate TeamViewer with Jamf Pro, see TeamViewer Integration in the Jamf Pro Documentation.

10.37.0

Jamf Pro server hosted on macOS

Support for hosting Jamf Pro server on macOS has been discontinued. For instructions on migrating to a different platform, see the Migrating to Another Server article.

10.36.0Jamf Imaging

Jamf Imaging features and navigation elements have been removed from Jamf Pro.

This includes the removal of the boot_volume_required key from the packages API endpoint. Users will need to modify their endpoint to ignore the key.