Menu Bar App Preferences

This reference contains all available preferences for the Jamf Connect menu bar app. Configure preferences in either Jamf Connect Configuration or in a Jamf Pro configuration profile created at Configuration Profiles > Application & Custom Settings. For more information, see Configuration.

Menu Bar Authentication Settings

  • Domaincom.jamf.connect
  • DictionaryIdPSettings
  • Description

    Used to allow Jamf Connect to complete authentication between your IdP and local accounts. Required settings vary by IdP.

Key

Description

Provider

Identity Provider

(Required) Specifies the name of your cloud identity provider. The following values are supported:

  • Azure
  • IBMCI
  • GoogleID
  • Okta
  • OneLogin
  • PingFederate
  • Custom
<key>Provider</key>
<string>Azure</key>

OktaAuthServer

Okta Auth Server

(Required: Okta Only) Specifies your organization's Okta domain. A preceding "https://" is optional.

<key>OktaAuthServer</key>
<string>your-company.okta.com</string>

ROPGID

Client ID

(Required: OpenID Connect only) Specifies the client ID of your Jamf Connect app in your IdP. This value allows Jamf Connect to complete a resource owner password grant (ROPG), which is the process that performs password verification.

<key>ROPGID</key>
<string>9fcc52c7-ee36-4889-8517-lkjslkjoe23</string>

DiscoveryURL

Discovery URL

Specifies your IdP's OpenID Connect discovery endpoint. This value appears in the following format: https://domain.url.com/.well-known/openid-configuration

If using AD FS, this value is your AD FS domain combined with the following: /adfs/.well-known/openid-configuration/

Note:

This setting is required if your Identity Provider (OIDCProvider) is set to Custom or PingFederate.

<key>DiscoveryURL</key>
<string>https://domain.url.com/.well-known/openid-configuration</string>

TenantID

Tenant ID

Specifies the Tenant ID for your organization used for authentication.

Note:

If IBM Security Verify is your IdP, this value is required and matches the tenant name used in your IBM URL. (e.g. https://companyname.ibmcloud.com)

<key>TenantID</key>
<string>companyname</string>

ChangePasswordURL

Change Password URL

Specifies a URL that opens a web page supported by your IdP where users may change their password.

Note:

If Azure is your IdP, the default URL is https://myaccount.microsoft.com/.

If Okta is your IdP, the default URL is the domain listed for the Okta Auth Server (OktaAuthServer) preference key followed by /enduser/settings.

If Google Identity is your IdP, Jamf recommends using this URL: https://myaccount.google.com/intro/signinoptions/password

Organizations with more customized Azure, Okta, or Google Identity environments may use custom URLs.

<key>ChangePasswordURL</key>
<string>https://idp.example.com/.well-known/change-password</string> 

ResetPasswordURL

Reset Password URL

Specifies a URL that opens a web page supported by your IdP where users may reset their password if they forget it.

Note:

If Azure is your IdP, the default URL is https://passwordreset.microsoftonline.com/.

If Okta is your IdP, the default URL is the domain listed for the Okta Auth Server (OktaAuthServer) preference key followed by /signin/forgot-password.

If Google Identity is your IdP, Jamf recommends using this URL: https://accounts.google.com/signin/recovery

Organizations with more customized Azure, Okta, or Google Identity environments may use custom URLs.

<key>ResetPasswordURL</key>
<string>https://idp.example.com/.well-known/reset-password</string>

ClientSecret

Client Secret

Specifies the client secret of your Jamf Connect app in your IdP.

<key>ClientSecret</key>
<string>yourClientSecret</string>
Scopes

Scopes

Specifies custom OIDC scopes, which return additional claims in a user's ID token during authorization. Standard scopes include openid, profile, and offline_access. If you include multiple scopes, use a "+" to separate them.

<key>Scopes</key>
<string>openid+profile</string>

SuccessCodes

Password Verification Success Codes

Specifies an array of strings that contain error codes from your IdP during an ROPG password verification, which should be interpreted as successful by Jamf Connect.

For possible error codes that may need to be configured in your environment, see the Azure AD Authentication and authorization error codes documentation from Microsoft.

If you use OneLogin and multifactor authentication in your environment, set this key to MFA.

<key>SuccessCodes</key>
<array>
<string>AADSTS50012</string>
<string>AADSTS50131</string>
</array>

Menu Bar Sign-in Settings

  • Domaincom.jamf.connect
  • DictionarySignIn
  • Description

    Used to configure the sign-in user experience and multifactor authentication (MFA) options for Okta.

Key

Description

AutoAuthenticate

Enable Automatic Sign-in

Determines if Jamf Connect automatically attempts to sign in the user if there are saved credentials in the user's keychain.

<key>AutoAuthenticate</key>
<false/>

AutoMFA

Automatically Push Last MFA Method

(Okta only) Determines if the multifactor authentication (MFA) method from a user's last sign-in via Jamf Connect is automatically pushed during their next Jamf Connect sign-in attempt.

Note:

Jamf Connect only detects MFA methods used within the menu bar app. MFA methods used during sign-ins to the Okta dashboard via a web browser or another application are not detected.

<key>AutoMFA</key>
<false/>
AutoOpenAppAtLoginAutomatically Open Jamf Connect at Login

Sets Jamf Connect as a login item for users. This setting is disabled (set to false) by default.

Note:
  • Users must manually open the app at least one time to allow macOS to set the app as a login item.

  • If this setting is concurrently used with other methods to open Jamf Connect, such as the Launch Agent, multiple copies of the app may open on computers.

<key>AutoOpenAppAtLogin</key>
<false/>

RequireSignIn

Require Sign-in

Determines if the sign-in window is kept open on computers before users successfully authenticate.

<key>RequireSignIn</key>
<false/>

SignInLogo

Sign-in Logo

Specifies the file path to a locally stored image to use as a logo at sign-in. Larger images will be automatically scaled down to an appropriate width while maintaining the aspect ratio. Do not include a backslash "\" in your file path.

<key>SignInLogo</key>
<string>/usr/local/images/logo.png</string>

UsernameLabel

Username Field Label

Specifies custom text for the Username field in the sign-in window.

<key>UsernameLabel</key>
<string>Username:</string>

PasswordLabel

Password Field Label

Specifies custom text for the Password field in the sign-in window.

<key>PasswordLabel</key>
<string>Password:</string>

WindowTitle

Sign-in Window Title

Specifies a custom title for the sign-in window.

<key>WindowTitle</key>
<string>Connect</string>

MFARename

MFA Option Names

(Okta only) Specifies custom names for each MFA option used with Okta authentication in your organization. For more information about the types of MFA options you can configure with Jamf Connect and Okta, see Multifactor Authentication.

<key>MFARename</key>

<dict>

   <key>push</key>

   <string>Okta Verify app: Push Notification</string>

   <key>question</key>

   <string>Okta Verify app: Security Question</string>

   <key>token:hardware</key>

   <string>USB Security Key</string>

   <key>okta:token:software:totp</key>

   <string>Okta Verification Code</string>
   <key>google:token:software:totp</key>

   <string>Google Verification Code</string>

   <key>web</key>

   <string>Duo Mobile app</string>

</dict>

MFAExcluded

Hidden MFA Options

(Okta only) Specifies a list of MFA options that you do not want to display to users.

<key>MFAExcluded</key>

<array>

   <string>push</string>

   <string>question</string>

   <string>token:hardware</string>

   <string>okta:token:software:totp</string>
   <string>google:token:software:totp</string>

   <string>web</string>

</array>

OneTimePasswordMessage

One-time Password Message

(Okta only) Specifies the text displayed when a user must enter a one-time password (OTP) as a multifactor authentication (MFA) method.

<key>OneTimePasswordMessage</key>
<string>Enter the verification code</string> 

Menu Bar Custom Branding Settings

  • Domaincom.jamf.connect
  • DictionaryAppearance
  • Description

    Used to customize Jamf Connect for your organization

Key

Description

MenubarIcon

Light Mode Icon

Specifies the file path to a custom icon for the Jamf Connect menu bar icon when Light Mode is enabled.

Jamf recommends a 16x16 pixel image.

<key>MenubarIcon</key
<string>/usr/local/icon.png</string>

MenubarIconDark

Dark Mode Icon

Specifies the file path to a custom icon for the Jamf Connect menu bar icon that displays when Dark Mode is enabled on macOS 10.15 or earlier

Jamf recommends a 16x16 pixel image.

Note:

This setting is not supported on computers with macOS 11 or later. Use the Light Mode Icon (MenuBarIcon) to upload one icon and allow macOS to automatically change the tint of the icon to clearly display against the user's desktop image.

<key>MenubarIconDark</key
<string>/usr/local/darkicon.png</string>
AlternateBranding

Use Unbranded App Icon

Specifies using the alternate app icon for Jamf Connect rather than the default Jamf logo and company name. This setting is disabled (set to false) by default.
<key>AlternateBranding</key>
<false/>

ShowWelcomeWindow

Show Welcome Window

Displays the Welcome window each time Jamf Connect is opened.

<key>ShowWelcomeWindow</key>
<true/>

Unlock App Settings

Domain
com.jamf.connect
Dictonary
Unlock
Description
Used to configure Jamf Unlock app usage in the Jamf Connect menu bar app.

For more information about Jamf Unlock, see Jamf Unlock Overview.

KeyDescription

EnableUnlock

Enable Unlock

Enables Jamf Unlock app usage and displays the Unlock menu items in the menu bar. This setting is disabled (set to false) by default.

<key>EnableUnlock</key>
<false/>

RequirePIN

Require PIN

Requires Jamf Unlock users to use a PIN to complete authentication requests.

Important: To ensure authentication with Jamf Unlock works as expected, make sure your PIN requirement settings are the same between your Jamf Unlock managed app configuration and Jamf Connect configuration profile.
<key>RequirePIN</key>
<false/>
EnableUnlockForLogin

Enable Unlock Authentication at the Login Window

Allows users to use Jamf Unlock authentication to log in via Apple's native macOS login window.

When enabled (set to true), users can switch between using a local password or Jamf Unlock by using Enable Jamf Unlock switch at the top of the login window. This setting is disabled (set to false) by default.

Note:

The EnableUnlock setting must be enabled (set to true) before using this setting.

<key>EnableUnlockForLogin</key>
<false/>

User Help Settings

  • Domaincom.jamf.connect
  • DictionaryUserHelp
  • Description

    Used to configure in-app help options for users

Key

Description

HelpType

Get Help Type

Specifies the type of help option used by Jamf Connect.

Note:

Bomgar, URL, and App are supported.

<key>HelpType</key>
<string>URL</string>

HelpOptions

Get Help Options

Specifies a URL or file path that users can access by clicking Get Help in the Jamf Connect menu.

Note:

The HelpType key must be specified.

<key>HelpOptions</key>
<string>/Applications/Google Chrome.app</string>

SoftwarePath

Self Service Path

The file path for a Self Service application other than one that Jamf Connect automatically finds. Jamf Connect automatically detects Jamf Self Service and Munki Managed Software Center.

<key>SoftwarePath</key>
<string>/Applications/Your.app</string>

Password Policy Settings

  • Domaincom.jamf.connect
  • DictionaryPasswordPolicies
  • Description

    Used to configure network password checks, expiration notifications, and password policies

Key

Description

ExpirationCountdownStartDay

Password Expiration Countdown Start Date

Specifies an integer that represents the number of days remaining before the password expiration countdown is displayed in the menu bar next to the app icon. This setting is set to 14 days by default and is disabled when set to 0.

Note: To use this setting, Jamf Connect must be integrated with a Kerberos realm. For more information, see Kerberos Integration.
<key>ExpirationCountdownStartDay</key>
<integer>14</integer>

ExpirationManualOverrideDays

Password Expiration Manual Override

(Okta only) Specifies an integer that represents the number of days that a user's Okta password is valid for in your organization. For example, if a user must change their Okta password every 90 days, set this value to 90.

This allows you to display the amount of days remaining before a user's password expires in the menu bar app for Okta accounts that are not managed by Active Directory.

To display this value next to the menu bar app icon in addition to in the menu bar, make sure to also configure the Password Expiration Countdown Start Date setting.

Note: If your Okta accounts are mastered by Active Directory, this setting cannot be used. Continue to integrate Jamf Connect with a Kerberos realm and use the Password Expiration Countdown Start Date setting to display the password expiration date in the Jamf Connect menu bar app.

ExpirationNotificationStartDay

Password Expiration Notification Start Date

Specifies an integer that represents the number of days remaining before the user begins receiving notifications about an upcoming password expiration. This setting is set to 7 days by default and is disabled when set to 0.

<key>ExpirationNotificationStartDay</key>
<integer>7</integer>

NetworkCheck

Network Check-in Frequency

Specifies the check-in frequency that Jamf Connect uses to confirm that users' network password matches their local password. This setting is set to 60 minutes by default and is disabled when set to 0. Jamf Connect can only check the network password if the network is accessible.

If a user's passwords are out of sync upon network check-in, the user receives a macOS notification prompting them to sync their passwords.

<key>NetworkCheck</key>
<integer>60</integer>

CheckOnNetworkChange

Perform Network Checks on Network Changes

Determines whether Jamf Connect performs a network check when a computer's network status changes. This setting is enabled (set to true) by default. If disabled (set to false), Jamf Connect only performs a network check during the the network check-in frequency integer defined by the NetworkCheck key.
<key>CheckOnNetworkChange</key>
<true/>

SyncPasswordsMessage

Sync Passwords Message

Specifies a message displayed to users when Jamf Connect detects that their local and network passwords are out of sync.

<key>SyncPasswordsMessage</key>
<string>Your local and network passwords do not match. Enter your current local password to sync it with your network password</string>
PasswordSyncBlockList

Password Sync Block List

Specifies a list of local macOS accounts that you do not want to go through password syncing (typically admin accounts).

You can specify one or more local accounts as an array of strings using their local macOS account names (i.e., short names).

<key>PasswordSyncBlockList</key>
<array>
<string>account_one</string>
<string>account_two</string>
<string>account_three</string>
<string>account_four</string>
</array> 

PolicyRequirements

Password Policy Requirements

Defines the password complexity policy for users changing their passwords. Jamf Connect will only enforce this setting if a different password policy from Active Directory or a cloud IdP is not detected.

<key>PolicyRequirements</key>

<dict>

<key>minLength</key>

<integer>8</integer>

<key>minLowerCase</key>

<integer>1</integer>

<key>minMatches</key>

<integer>3</integer>

<key>minNumber</key>

<integer>1</integer>

<key>minSymbol</key>

<integer>1</integer>

<key>minUpperCase</key>

<integer>1</integer>
<key>excludeUsername</key>
<true/>

</dict>
Note: Use the minMatches preference to specify the number of ways a user's password must match the password criteria. For example, if the minMatches value is 3, users' passwords must include at least three of the password criteria (such as an uppercase letter, a special character/symbol, and an integer/number).

PolicyMessage

Password Policy Message

A message that explains your configured password policy. This message only displays when a user tries to set a password that does not meet your password policy requirements.

<key>PolicyMessage</key>
<string>This password does not meet your organization's minimum password complexity requirements.</string>

Kerberos Settings

  • Domaincom.jamf.connect
  • DictionaryKerberos
  • Description

    Used to integrate Jamf Connect with a Kerberos realm for password syncing

Key

Description

Realm

Kerberos Realm

Specifies the Kerberos realm used to get Kerberos tickets. Your Kerberos realm should be written in all caps.

<key>Realm</key>
<string>YOURCOMPANY.NET</string>

AutoRenewTickets

Renew Kerberos Tickets

Determines if the Kerberos tickets should be renewed.

<key>AutoRenewTickets</key>
<false/>

CacheTicketsOnNetworkChange

Cache Tickets On Network Change

Determines whether a user's Kerberos tickets are cached or destroyed when a network status changes on computers. When enabled (set to true), computers will cache Kerberos tickets when a network change occurs. By default, this setting is disabled (set to false) and Kerberos tickets are destroyed during a network change.

<key>CacheTicketsOnNetworkChange</key>
<false/> 

ShortName

Custom Short Name

A custom short name to use to obtain Kerberos tickets.

<key>ShortName</key>
<string>Joel</string>

ShortNameAttribute

Short Name Attribute

The ID token attribute to use as a short name. If unspecified, the ShortName value will be used. If no values are found for ShortNameAttribute or ShortName and the AskForShortName setting is enabled (set to true), the user will be prompted to enter their short name.

Note:
  • Short Name Attribute cannot be used to specify the short name if MFA is enabled.
  • If Okta is your IdP, you must also have the Client ID (ROPGID) and Tenant ID (TenantID) preference keys configured for Jamf Connect to use the short name specified by ShortNameAttribute.
<key>ShortNameAttribute</key>
<string>attribute</string>

AskForShortName

Ask for Short Name

Determines if the user is asked to enter their Kerberos short name upon first sign in.

<key>AskForShortName</key>
<false/>

AskForShortNameMessage

Ask for Short Name Message

Specifies the message displayed to users when requesting their Kerberos short name.

<key>AskForShortNameMessage</key>
<string>Enter your Active Directory username.</string>

Keychain Settings

  • Domaincom.jamf.connect
  • DictionaryKeychain
  • Description

    Used to allow Jamf Connect to sync passwords with keychain items

Key

Description

InternetItems

Sync Password with Internet Keychain Items

Specifies internet accounts that Jamf Connect should sync with the local password.

<key>InternetItems</key>
<dict>
<key>com.apple.network.eap.user.item.wlan.ssid.Company Wireless</key><string>&lt;&lt;shortname&gt;&gt;</string>
</dict>

PasswordItems

Update Keychain Items

Specifies keychain items that Jamf Connect should sync with the local password.


<key>PasswordItems</key>

<dict>

<key>com.apple.network.eap.user.item.wlan.ssid.SSIDNameHere</key>

<string>&lt;&lt;shortname&gt;&gt;</string>

</dict>


Okta Web Browser Settings

  • Domaincom.jamf.connect
  • DictionaryWebBrowser
  • Description

    Used to manage whether a user's Okta dashboard opens on sign-in and in what browser

Key

Description

LaunchBrowser

Launch Browser

Determines whether the Okta dashboard is opened in a web browser when a user signs in with Jamf Connect.

<key>LaunchBrowser</key>
<false/>

BrowserSelection

Browser Selection

Determines which browser the Okta dashboard is opened in when a user signs in with Jamf Connect by enforcing a selection from the Browser pop-up menu at the Sign In window. Safari, Firefox, and Google Chrome are supported browsers.

<key>BrowserSelection</key>
<string>Google Chrome</string>

Menu Item Customization Settings

  • Domaincom.jamf.connect
  • DictionaryCustomMenuItems
  • Description

    Used to customize the names of menu items in Jamf Connect

Key

Description

About

About Menu Text

Specifies the title of the About menu item.

<key>about</key>
<string>About</string>

Actions

Actions Menu Text

Specifies the title of the Actions menu item.

<key>actions</key>
<string>Actions</string>

ChangePassword

Change Password Menu Text

Specifies the title of the Change password menu item.

<key>changepassword</key>
<string>Change Password</string>

GetHelp

Get Help Menu Text

Specifies the title of the Get help menu item.

<key>gethelp</key>
<string>Get Help</string>

GetSoftware

Get Software Menu Text

Specifies the title of the Get software menu item.

<key>getsoftware</key>
<string>Get Software</string>

Home

Home Directory Menu Text

Specifies the title of the Home directory menu item.

<key>homedirectory</key>
<string>Home</string>

Preferences

Preferences Menu Text

Specifies the title of the Preferences menu item.

<key>preferences</key>
<string>Preferences</string>

ResetPassword

Reset Password Menu Text

Specifies the title of the Reset password menu item.

<key>resetpassword</key>
<string>Reset Password</string>

Shares

Shares Menu Text

Specifies the title of the Shares menu item.

<key>shares</key>
<string>Shares</string>

Connect

Connect Menu Text

Specifies the title of the Connect menu item.

<key>connect</key>
<string>Connect</string>

Menu Item Display Settings

  • Domaincom.jamf.connect
  • KeyHiddenMenuItems
  • Description

    An array of strings used to hide Jamf Connect menu items from users

Value

Description

about

Hide About Menu Item

Hides the About window.

<key>HiddenMenuItems</key>
<array>
<string>about</string>
</array>

actions

Hide Actions Menu Item

Hides the custom configured Actions menu item.

<key>HiddenMenuItems</key>
<array>
<string>actions</string>
</array>

changepassword

Hide Change Passwords Menu Item

Hides the Change password menu item.

<key>HiddenMenuItems</key>
<array>
<string>changepassword</string>
</array>

gethelp

Hide Get Help Menu Item

Hides the Get help menu item.

<key>HiddenMenuItems</key>
<array>
<string>gethelp</string>
</array>

getsoftware

Hide Get Software Menu Item

Hides the Get software menu item.

Note:

If a self-service app is not installed on computers, this menu item is hidden by default.

<key>HiddenMenuItems</key>
<array>
<string>getsoftware</string>
</array>

home

Hide Home Directory Menu Item

Hides the Home directory menu item.

Note:

If a home share is not detected, this menu item is hidden by default.

<key>HiddenMenuItems</key>
<array>
<string>home</string>
</array>

tickets

Hide Kerberos Ticket Menu Item

Hides the Tickets menu item.

Note:

If a Kerberos realm is not configured, this menu item is hidden by default.

<key>HiddenMenuItems</key>
<array>
<string>tickets</string>
</array>

lastuser

Hide Last User Menu Item

Hides the Last user menu item.

<key>HiddenMenuItems</key>
<array>
<string>lastuser</string>
</array>

passwordexpiration

Hide Password Expiration Menu Item

Hides the Password expiration menu item.

<key>HiddenMenuItems</key>
<array>
<string>passwordexpiration</string>
</array> 

preferences

Hide Preferences Menu Item

Hides the Preferences menu item.

<key>HiddenMenuItems</key>
<array>
<string>preferences</string>
</array> 

resetpassword

Hide Reset Password Menu Item

Hides the Reset password menu item.

<key>HiddenMenuItems</key>
<array>
<string>resetpassword</string>
</array> 

shares

Hide Shares Menu Item

Hide the Share menu item.

<key>HiddenMenuItems</key>
<array>
<string>shares</string>
</array>

connect

Hide Connect Menu Item

Hides the Connect menu item.

<key>HiddenMenuItems</key>
<array>
<string>connect</string>
</array>

quitjamfconnect

Hide Quit Menu Item

Hides the Quit menu item.

<key>HiddenMenuItems</key>
<array>
<string>quitjamfconnect</string>
</array> 

Menu Bar Script Settings

  • Domaincom.jamf.connect
  • DictionaryScripting
  • Description

    Used to run custom scripts that are triggered by Jamf Connect authentication events

Key

Description

OnPasswordChange

Password Change Script

Specifies the file path to a script or other binary to run after successful password change.

<key>OnPasswordChange</key>
<string>/usr/local/bin/PasswordChange.sh</string>

OnAuthSuccess

Successful Sign-in Script

Specifies the file path to a script or other binary to run after a successful Jamf Connect authentication.

<key>OnAuthSuccess</key>
<string>/usr/local/bin/JamfConnectAuth.sh</string>

OnAuthFailure

Failed Sign-in Script

Specifies the file path to a script or other binary to run after an unsuccessful Jamf Connect authentication attempt.

<key>OnAuthFailure</key>
<string>/usr/local/bin/JamfConnectAuthFailure.sh</string>

OnNetworkChange

Network Change Script

Specifies the file path to a script or other binary to execute after a network change is detected.

<key>OnNetworkChange</key>
<string>/usr/local/bin/JamfConnectAuthFailure.sh</string>

Certificate Settings

  • Domaincom.jamf.connect
  • DictionaryCertificates
  • Description

    Used to configure Windows web CA settings

Key

Description

WindowsCA

X.509 Certificate Authority

Specifies the URL of the Windows web certificate authority (CA) for Jamf Connect to use for certificates.

<key>WindowsCA</key>
<string>dc1.jamfconnect.test</string>

CertificateTemplate

Certificate Template

Specifies the Certificate template from a Windows web CA.

<key>CertificateTemplate</key>
<string>User Auth</string>

GetCertificateAutomatically

Get Certificates Automatically

Enables Jamf Connect to get a certificate from a Windows web CA automatically on sign-in.

<key>GetCertificateAutomatically</key>
<false/>

SecureNetworks

Associated Wi-Fi Networks

Specifies a list of secure wireless networks to associate with the certificate Jamf Connect created.

<key>SecureNetworks</key>
<array>
<string>SSID1</string>
<string>SSID2</string>
</array

ExportableCertificateKey

Allow Private Key Exports

Allows the private key of the user certificate to be exported.

<key>ExportableCertificateKey</key>
<false/>

File Share Settings

  • Domaincom.jamf.connect.shares
  • Description

    Used to configure the file share menu item in Jamf Connect.

    Important:

    Microsoft Distributed File System (DFS) shares are currently not supported by Jamf Connect's file share feature.

Key

Description

HomeMount

Determines if a user's home profile should be mounted. This is written as a dictionary of keys including the Groups and Options keys.

<key>HomeMount</key>
    <dict>
       <key>Groups</key>
       <array/>
       <key>Options</key>
       <array/>
       <key>Mount</key>
       <false/>
    </dict>

Groups

Specifies which active directory group members should have their home profile mounted

Options

An array of mount options

Note:

See the Options table for available options.

Shares

Determines a mount point and its associated attributes. This is written as an array of dictionaries.

<key>Shares</key>
        <array>
          <dict>
             <key>Groups</key>
                <array>
                <string>group1</string>
                <string>group2</string>
                </array>
                <key>URL</key>
               <string>smb://exampleURL/share/ExampleHome</string>
                <key>Options</key>
                <array/>
                <key>Name</key>
                <string>Files for you</string>
                <key>LocalMount</key>
                <string></string>
                <key>AutoMount</key>
                <true/>
                <key>ConnectedOnly</key>
                <true/>
            </dict>
</array>

AutoMount

If set to true, the share is automatically mounted

ConnectedOnly

If set to true, the share is only mounted when the computer is connected to the active directory domain.

Groups

Specifies which active directory group members should have their home profile mounted.

LocalMount

Specifies a local mount point

Name

Specifies the name of the share displayed as a menu item in Jamf Connect

Options

An array of mount options

Note:

See the Options table for available options.

URL

Specifies the URL of the mount point.

You can use variable substitution to create custom mount points. Jamf Connect can substitute any of the following variables with the corresponding value from the user's AD account:

  • <<domain>>
  • <<fullname>>
  • <<serial>>
  • <<shortname>>
  • <<upn>>
  • <<email>>

Action Item Settings

  • Domaincom.jamf.connect.actions
  • Description

    Used to create and configure custom menu items to display in the menu bar app. For more information, see Custom Menu Bar Action Items.

Global Action Settings

Key

Description

Type

MenuIcon

Determines if the action menu will display a status icon (green, yellow, or red)

Note:

MenuIcon will display a green, yellow, or red icon next to the main Action menu based upon the highest degree of alert among all items in the submenu. For example, if you have any visible submenu actions displaying a red icon, the main menu will display a red icon. If any visible submenu actions display a yellow icon and none display red, the main menu item will display a yellow icon.

Boolean

MenuText

When set to true, Jamf Connect will use the result of the command as the text of the menu item.

Note:

MenuText requires a command to return a result of <<menu>> followed by your menu. The last command to return a result containing <<menu>> will determine what the menu title is.

Boolean

Action Component Settings

Key

Description

Type

Name

(Required) The name of the action

String

Title

The text used to display the item in the menu bar

Note:

If unspecified, the Name will be used as the title.

Dictionary

Show

Determines if the item is displayed in the menu or not

Note:

All commands in the Show command must return true for the menu item to display.

Array

Action

Contains the action

 

Array

Post

Determines what happens after the action is run.

Array

GUID

The unique ID for the action

String

Connected

Determines if the action set should only be run when connected to an Active Directory domain

Boolean

Timer

Length in minutes between executing the action

Integer

ToolTip

The text displayed when hovering over a menu item

String

Separator

Creates a visual separator bar in the menu bar