Multiple Domains and Jamf Infrastructure Manager for LDAP

Transcript

1. None

2. © JAMF Software, LLC Mike Wallach Director of Apple Technologies

   Manulife | John Hancock Oliver Lindsey Professional Services Engineer Jamf

3. © JAMF Software, LLC Multiple Jamf Infrastructure Manager Instances on

   the same server for LDAP Proxy Presentation agenda: A word from Jamf Our Dilemma and Challenges The Setup Demo Q & A

4. © JAMF Software, LLC And now A word from Jamf

5. © JAMF Software, LLC Our Dilemma • We have 11

   domains globally that we required authentication to for Jamf Pro users and Self Service • Jamf would only officially support one LDAP Proxy per Infrastructure Manager server with Jamf Cloud What drove us to this solution?

6. © JAMF Software, LLC Our Dilemma • We have colocated

   data centers, the cost for individual servers to run the JIM software was not cost effective for us What drove us to this solution?

7. © JAMF Software, LLC Challenges • Jamf does not have

   a supported method for installing multiple JIMs on the same server
 • At the time, JIM only ran on Ubuntu we only use RHEL in our datacenter The Risks

8. © JAMF Software, LLC Challenges • Without official support, anything

   that could go wrong (and did) required assistance from Professional Services The Risks

9. © JAMF Software, LLC The Solution • We worked closely

   with Oliver and Jamf Professional Services to bring JIM support to RHEL • A custom solution was developed to create multiple instances on one server Multiple JIM instances on one Linux server

10. © JAMF Software, LLC Setup • One of the following

    operating systems: • Ubuntu 14.04 LTS Server (64-bit) or Ubuntu 16.04 LTS Server (64-bit) • Red Hat Enterprise Linux (RHEL) 7.0, 7.1, or 7.2 • Windows Server 2008 R2 (64-bit), Windows Server 2012 (64-bit), or Windows Server 2012 R2 (64-bit) • A 64-bit capable Intel processor • 2 GB of RAM • 300 MB of disk space available • Java 1.8 (for more information, see the Installing Java and MySQL Knowledge Base article) Recommendations

11. © JAMF Software, LLC Setup • A 64-bit Intel processor

    • 8 GB of RAM • 60 GB of disk space available • Red Hat Enterprise Linux (RHEL) 7 • Java 1.8 (for more information, see the Installing Java and MySQL Knowledge Base article) Our Setup

12. © JAMF Software, LLC Setup • Outbound Port 443 from

    JIM to Jamf Pro • Inbound Ports from Jamf External IP to JIM (8389 recommended) • Port 636 from JIM to LDAP Server for LDAPS Firewall Ports Required

13. © JAMF Software, LLC Important Notes • JIM requires port

    443 to your actual Jamf Pro IP found with an nslookup • The Infrastructure Manager does not support Network Address Translation (NAT). Hosts file entries may be required on both JIM and Jamf Pro

14. © JAMF Software, LLC Important Notes • Under Settings ->

    Jamf Pro User Accounts and Groups -> USER > Privileges > Jamf Pro Server Objects you will need to grant an account Create, Read and Update rights to Infrastructure Manager Instances

15. © JAMF Software, LLC Demo

16. © JAMF Software, LLC Known Issues When /var/log/jamf-im.log fills the

    JIM will stop working. There is no warning when this happens. You can either delete the jamf-im.log or perform log rotation.

17. © JAMF Software, LLC Known Issues If one instance stops

    working, all instances seem to stop working and require a jamf-im_SERVICE restart performed on the Linux server.

18. © JAMF Software, LLC Known Issues If the IP address

    of your Jamf Pro changes and you have IP-based rules your Jamf Pro will report that your Infrastructure Managers have not checked in. They should continue to work as normal.

19. © JAMF Software, LLC Resources Permitting Inbound/Outbound Traffic with Jamf

    Cloud • https://www.jamf.com/jamf-nation/articles/409/ permitting-inbound-outbound-traffic-with-jamf- cloud

20. © JAMF Software, LLC Resources Installing a Jamf IM Instance

    • http://docs.jamf.com/infrastructure-manager/1.3.0/ Installing_a_Jamf_Infrastructure_Manager_Instance. html

21. © JAMF Software, LLC Questions?

22. © JAMF Software, LL THANK YOU!