Deprecations and Removals
Deprecations
The following items were deprecated in this release:
- Recon—Jamf will stop distributing Recon in a future release of Jamf Pro (estimated removal date: November–December 2022).
- Jamf Self Service Web Clip—Jamf will remove the Automatically install Self Service web clip option from Jamf Pro in a future release of Jamf Pro (estimated removal date: January 2023).
The following items were deprecated in a previous release:
- Removal of unverified SSL certificates in Jamf Pro—In a future release of Jamf Pro the option to use an unverified SSL certificate for Jamf Pro will be removed. Customers with Cloud-hosted environments and those with a verified third-party certificate will see no changes. Customers with On-Premise environments using Jamf Pro's built-in certificate authority to issue SSL certificates need to move to a trusted third-party certificate.
- Nonsecure communication to and from the Jamf management framework—Beginning in an upcoming release of Jamf Pro, the Jamf management framework on managed computers will only allow communication over HTTPS. This will not affect management functions or communication with the Jamf Pro server, but workflows involving distribution points that are configured to communicate over HTTP without SSL will no longer be viable. In addition, the Use SSL setting in Jamf Pro ( ) will be permanently enabled for all file share distribution point configurations and removed from the Jamf Pro interface. This change does not affect workflows with cloud distribution points or cloud distribution point settings in Jamf Pro.
- Conditional Access On-Premise Support—Jamf will discontinue Conditional Access support in a future release of Jamf Pro (estimated removal date: late 2023) due to the migration away from Microsoft's Partner Device Management legacy API. Jamf will be offering an alternative solution called macOS Device Compliance using Microsoft's new Partner Compliance Management API in 2022. Customers who currently use macOS Conditional Access will need to move their workflows to macOS Device Compliance in Jamf Cloud. For more information on Jamf Cloud support, contact Customer Success.
- Sign QuickAdd Package functionality for User-Initiated Enrollment settings—The Sign QuickAdd Package checkbox in User-Initiated Enrollment settings will be removed in an upcoming release of Jamf Pro. This functionality is only used in legacy enrollment workflows involving QuickAdd packages and does not affect the user-initiated enrollment workflow.
- Microsoft Azure AD Graph for Conditional Access—Jamf will discontinue support of Azure AD Graph for Conditional Access in a future release of Jamf Pro (estimated removal date: December 2022) due to the deprecation of Microsoft's Azure AD Graph. If you previously modified the conditionalAccessDomains.json file, Jamf recommends editing the file to add the "msGraphResourceUrl": "https://graph.microsoft.com/" property into GLOBAL settings and "msGraphResourceUrl": "https://graph.microsoft.us/" into US_GOVERNMENT settings. For more information on this deprecation, see the following documentation from Microsoft:
- Installation Location field in Jamf Self Service for macOS settings—
Starting with the release of Jamf Pro 10.37.0, hosting the Jamf Pro server on macOS will no longer be supported. Mac computers with Apple silicon are not supported by the Jamf Pro Installer for macOS. In addition, the Jamf Pro Installer for macOS will not be available to download. The Jamf Pro utilities that were included in the Jamf Pro Installer for macOS—Composer, Jamf Admin, Jamf Recon, and Jamf Remote—will be made available as a separate download.
The Installation Location field will be removed from in a future release of Jamf Pro. The default installation of Self Service will be located in the /Applications folder. Jamf recommends moving your Self Service folder into the /Applications folder before this removal. - Basic authentication—Basic authentication in the Classic API will no longer be enabled by default for new Jamf Pro instances for enhanced security (target release: Jamf Pro 10.43.0). Support for Basic authentication will be removed in a future release. Jamf will provide additional information at a later date. To disable Basic authentication before support is removed, navigate to Allow Basic authentication in addition to Bearer Token authentication checkbox. and deselect the
- TLS 1.0 and 1.1 in Java 11—The TLS 1.0 and 1.1 communication protocols used in Java 11 will be disabled in a future release of Jamf Pro. You can disable TLS 1.0 and 1.1 before that time by performing the instructions in the following article: Disabling TLS 1.0 and 1.1 in Java 11.
- Cache name Setting—The Cache name setting will be removed from the Single Sign-On Extensions payload in computer and mobile device configuration profiles in a future release because Apple deprecated them.
- Computer Inventory Collection for Plugins—The ability to collect plugins for computers ( ) will be removed in a future release of Jamf Pro.
- Password expiration, Replication time Settings—The Password expiration and Replication time settings will be removed from the Single Sign-On Extensions payload in computer configuration profiles in a future release because Apple deprecated them.
- blacklistedAppBundleIDs, whitelistedAppBundleIDs, Whitelist Keys—The
blacklistedAppBundleIDs
,whitelistedAppBundleIDs
, andWhitelist
keys will be removed from mobile device configuration profiles in a future release because Apple deprecated them. - Skip Display Tone and Skip Home button sensitivity Settings—The Skip Display Tone and Skip Home button sensitivity settings will be removed from the Skip Setup Items payload for mobile device configuration profiles in a future release.
- True Tone Display Setting—The Home Button Sensitivity and True Tone Display settings will be removed from the General payload for computer and mobile device PreStage enrollments in a future release.
- Home Button Sensitivity Setting—The Home Button Sensitivity setting will be removed from the General payload for the mobile device PreStage enrollment in a future release.
- Functionality to issue the Tomcat SSL/TLS certificate from Jamf Pro's built-in certificate authority—Jamf Pro's functionality to issue the Tomcat SSL/TLS certificate from the JSS built-in certificate authority (CA) will be discontinued in an upcoming release of Jamf Pro. The release version for this change has not been determined. Before this change occurs, it is recommended that all on-premise Jamf Pro instances leveraging this functionality switch to a publicly trusted third-party CA to issue the Tomcat SSL/TLS certificate. This will prevent the potential loss of MDM communication from Jamf Pro to enrolled devices. If needed, a Tomcat SSL/TLS server certificate for Jamf Pro may be issued from an internal certificate authority. The JSS built-in CA will maintain its current ability to manually issue server certificates to other servers.
- Patch management software titles—Some Jamf patch management software titles have been deprecated and replaced with updated titles. These titles are each labeled as a legacy definition in Jamf Pro. Software titles marked as legacy definitions will continue to be updated as new versions become available; no action is required at this time.
- The "DIGEST-MD5" authentication type option—"DIGEST-MD5" will be removed from the authentication type options in a future release of Jamf Pro. This authentication type option displays when configuring an LDAP server to use Jamf Infrastructure Manager as a proxy server.
- Device-specific Limited Access settings—
The Computer Access Only and Mobile Device Access Only Limited Access settings will be removed in a future release. Jamf Pro web app instances with one of these settings configured will automatically be updated to the Computer and Mobile Device Access setting. Administrators will only be able to assign Full Access or Computer and Mobile Device Access privileges after the deprecation.
- "Synced to Computer" advanced mobile device criteria—The advanced mobile device search criteria "Synced to Computer" will be removed in an upcoming release.
- Support for Windows Server 2012 R2—Support for Windows Server 2012 R2 will be discontinued in a future release.
- Personal Device Profiles—In conjunction with User Enrollment, Jamf intends to remove personal device profiles from Jamf Pro in a future release.
- Webhook responses for ComputerPolicyFinished and ComputerCheckIn—
The
ComputerPolicyFinished
andComputerCheckIn
webhook responses will be modified to include additional information in a future release of Jamf Pro. These changes may break integrations that currently utilize these event types. For more information on specific changes and how you can adapt existing integrations to support the new response bodies, see Webhooks in the Jamf developer resources. - Supervise Devices and Make MDM Profile Mandatory settings in a Mobile Device PreStage enrollment—The ability to supervise devices and require the user to install the MDM Profile during enrollment with a PreStage enrollment will be required and will be built-in functionality in a future release of Jamf Pro. As a result, these settings will be removed from the Jamf Pro user interface.
- User-generated content in Siri—The User-generated content in Siri setting will be removed from the Restrictions payload for mobile device configuration profiles in a future release.
forceClassroomManagedClassroomScreenObservation
key—The
forceClassroomManagedClassroomScreenObservation
key will be removed from the Restrictions payload for mobile device configuration profiles in a future release. It will be replaced with theforceClassroomUnpromptedScreenObservation
key.IfLostReturnTo
Message
key—The
grayscale
key will be removed from the Accessibility payload for computer configuration profiles in a future release.- Jamf Pro URL for Enrollment Using Built-In SCEP and iPCU—Support for Apple's iPhone Configuration Utility (iPCU) was removed in a previous release and support for Non-HTTPS communication with the Jamf Pro Server by defining an HTTP URL will be removed from in a future release.
- Support for non-certificate based client communication with the Jamf Pro Server—The Enable certificate-based authentication checkbox will be removed from in a future release.
Removals
Correction
The following items were removed in an earlier release of Jamf Pro and inadvertently not included in the Removals list:
- Hide Restore partition at login setting
- Self Service for macOS 9.101.0 and earlier
- Enable user-level Managed Preferences setting
Removed in version... | Item Removed or Discontinued | Description |
---|---|---|
10.40.0 | Jamf Remote | Jamf Remote has been removed from Jamf Pro. This includes the screen sharing workflow using Jamf Remote. Jamf recommends to use TeamViewer for remote administration. For instructions on how to integrate TeamViewer with Jamf Pro, see TeamViewer Integration in the Jamf Pro Documentation. |
10.37.0 | Jamf Pro server hosted on macOS | Support for hosting Jamf Pro server on macOS has been discontinued. For instructions on migrating to a different platform, see the Migrating to Another Server article. |
10.36.0 | Jamf Imaging | Jamf Imaging features and navigation elements have been removed from Jamf Pro. This includes the removal of the boot_volume_required key from the packages API endpoint. Users will need to modify their endpoint to ignore the key. |