Installing the Jamf AD CS Connector

To integrate Jamf Pro with AD CS, you must install the Jamf AD CS Connector. This service securely transfers all communication between Jamf Pro and AD CS.

When you install the Jamf AD CS Connector, the installer automatically does the following:

  • Installs and configures the components needed to run the Jamf AD CS Connector

    For more information, see Components Installed.

  • Generates the certificates required to secure communication with Jamf Pro

  1. Log in to Jamf Account.
  2. Navigate to Products > Other Products > Jamf AD CS Connector and click Download for Windows.
  3. Log in to your Jamf AD CS Connector server as a user with administrator privileges.
  4. Locate the adcs.zip file within the ADCS Connector.zip archive downloaded from Jamf Account, and extract its contents to your IIS app folder (e.g., C:\inetpub\wwwroot\adcsproxy).
  5. Open a PowerShell console as administrator, and then run the installer by executing commands similar to the following:
    cd \Path_to_Downloaded\Unzipped_Jamf_AD_CS_Connector_Installer
    .\deploy.ps1 -fqdn my.adcs-connector.url -jamfProDn JAMF_PRO_URL.jamfcloud.com -installIIS -configureHttps -cleanInstall 
    Note:
    • Replace my.adcs-connector.url in the above example with the fully-qualified domain name of the Jamf AD CS Connector server in your environment. This is the URL Jamf Pro will use to connect to the ADCS Connector so it must be reachable from your Jamf Pro server. The URL could be the external FQDN of a virtual IP address (VIP) or a reverse proxy/load balancer depending on your network configuration.

    • Replace JAMF_PRO_URL.jamfcloud.com in the above example with the FQDN of your Jamf Pro server.

The Jamf AD CS Connector installs and generates the server and client certificates.
Important:

After the Jamf AD CS Connector installation is complete, do not close the PowerShell window before taking note of the client certificate password. The password is required to upload the certificate to Jamf Pro. You will need to reinstall the Jamf AD CS Connector to regenerate the password if it is unavailable.

After the Jamf AD CS Connector installation is complete, configure settings in Jamf Pro to enable communication between Jamf Pro and the Jamf AD CS Connector.