Best Practices for Keeping User Computers in Compliance

Compliance can be completely enforced by Jamf Pro, as a result computers are never out of compliance as long as the computer is managed by Jamf Pro. To keep computers in compliance, it is recommended that you deploy a configuration profile or a policy in Jamf Pro for each compliance policy created in Microsoft Intune.

  1. In Jamf Pro, navigate to Computers > Smart Computer Groups, and create a smart group that identifies compliant computers by using the following criteria:

    1. Computers with the Company Portal.app installed

    2. Computers with the Azure Active Directory ID attribute

  2. Deploy a configuration profile or a policy in Jamf Pro for each of your compliance policies.
    (e.g., A computer configuration profile with the Passcode payload if you configured a password policy in Microsoft Intune or a policy with the Disk Encryption payload if you configured an encryption policy in Microsoft Intune)

  3. Scope the policy or configuration profile to the smart group created in step 1.

  4. Click Save.

  5. Repeat the process for all complience policies created in Microsoft Intune.

Related Information

Managing Policies
For instructions on creating a policy for a computer in Jamf Pro.

Computer Configuration Profiles
For instructions on creating a macOS configuration profile in Jamf Pro.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2018 Jamf. All rights reserved.