Best Practices for Keeping User Computers in Compliance

Compliance can be completely enforced by Jamf Pro. As a result, Mac computers are never out of compliance as long as the computer is managed by Jamf Pro. To keep Mac computers in compliance, it is recommended that you deploy a configuration profile or a policy in Jamf Pro for each compliance policy created in Microsoft Intune.

  1. In Jamf Pro, navigate to Computers > Smart Computer Groups, and create a smart group that identifies compliant Mac computers by using the following criteria:

    1. Mac computers with the Company Portal.app installed

    2. Mac computers with the Azure Active Directory ID attribute

  2. Deploy a configuration profile or a policy in Jamf Pro for each of your compliance policies.
    (e.g., Deploy a Mac computer configuration profile with the Passcode payload if you configured a password policy in Microsoft Intune or a policy with the Disk Encryption payload if you configured an encryption policy in Microsoft Intune)

  3. Scope the policy or configuration profile to the smart group created in step 1.

  4. Click Save.

  5. Repeat the process for all compliance policies created in Microsoft Intune.

Related Information

Managing Policies
Find out how to create a policy for a Mac computer in Jamf Pro.

Computer Configuration Profiles
Find out how to create a Mac computer configuration profile in Jamf Pro.

Copyright     Privacy Policy     Terms of Use     Security
© copyright 2002-2019 Jamf. All rights reserved.