our Macs because…” • Certiﬁcates! and we use those for WiFi and VPN and stuﬀ. • Network Shares and Printers. • Oﬀ-boarding and termination. • GPOs and AD group membership. • Consistent password experience. • Honestly, we don’t know why.
it is helpful • Sites should be reserved for multiple distinct admin groups. • Used when diﬀerent devices are managed separately in very diﬀerent ways. • Meant to make things easier not to make more work for the jamf admin.
it. • Be Speciﬁc. Be Accurate. • Little notes to Future You. ~Thanks Past Me. • Avoid naming TEST, Working, DONT DELETE ME • Stop with OLD, Disabled, DO NOT USE. • Clean House. Now is always the time. • Document the Naming Scheme!!!
Jamf management can be overwhelming. • Switching workﬂows is a really big deal. • Testing and getting approval takes too long. • We cant have an outage of any kind. ever. • “If it aint broke dont ﬁx it.”
handle pieces 1. Identify each issue that can be solved separately 2. Solve each piece individually in a dev environment 3. Figure out how to bolt them together 4. Move it over into UAT or Pre Production Server. 5. Success. Proﬁt?
• On prem servers are easy when it’s a test environment • Sandbox for playing • Test / Dev for testing and building • UAT / Preproduction for real world sanity checks • Jamf tools to move from one to the other
Never ever force it. • Mistakes happen, but don’t have to be public. • Someone else’s solution might not be right for you. • Don't make extra work for you or the users • Patching intervals aren't necessary
Mistakes compromise faith in the management framework. • Someone else’s solution might not be right for you. • Don't make extra work for you or the users. • Build a test server and use it. • Simple approach is best approach. • Document and Share Everything.