Jamf Pro

Jamf Pro is an enterprise mobility management (EMM) tool that provides unified endpoint management for Apple devices.

Types of Assets Fetched

This adapter fetches the following types of assets:

• Devices
• SaaS data

About Jamf Pro

Use cases the adapter solves

Jamf Pro is a powerful endpoint management solution that provides a robust inventory of our managed Apple devices in Axonius. Even more importantly, by combining Jamf Pro with network/infrastructure data coming from additional adapters, Axonius can identify unmanaged or even rogue devices on the network.

Data retrieved by Jamf Pro

Axonius collects common device information such as hostname, IPs, MAC address, and serial number. It also collects information unique to Jamf such as device policies, profiles, and groups. The adapter can be configured to collect additional information, such as user data and even mobile devices.

Enforcements

With the Jamf Pro adapter configured, Axonius can add devices to Jamf Pro computer groups directly in the Enforcement Center. Jamf Pro - Add Assets to Computer Group

Parameters

1.Jamf Domain (required) - The hostname of the Jamf Pro server. This field format is 'https://[instance].jamfcloud.com'.
2. Username and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets via the API.
3. HTTP Proxy and HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Jamf Domain.
4. Tenant Tag (optional) - Specify a tag name to tag all devices fetched from this adapter connection.
5. Bypass SSO - (required, default: switched off) - Select it if the newly created user account is allowed to bypass SSO according to the Jamf instance settings.
6. 2FA Secret Key - If you access Jamf Pro through an SSO solution that requires 2-factor authentication, you will need to generate a secret key in that solution and paste it here. See instructions for performing this action in Okta.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

1. Fetch department of users - Select whether to fetch the names of buildings and departments of users for this adapter connection.
2. Fetch policies (required, default: true) - Select whether to fetch policies associated with devices for this adapter connection. This field is ignored when Use pro API is selected.
3. Fetch mobile devices (required, default: true) - Select whether to fetch mobile devices in addition to standard devices for this adapter connection.
4. Use pro API - Select to use Jamf Pro API. If cleared, Axonius will use the Classic API.
5. Async chunks in parallel (required, default: 20) - The number of chunks to fetch in parallel when working with the Classic API.
6. Items to not fetch (optional) - Select one or more options to exclude from fetching.

APIs

Axonius supports the Jamf Classic API and Jamf Pro API.

Creating a User by Connecting to the Jamf Admin Panel

1. Log in to the Jamf Pro admin panel and navigate to the Settings panel. Click Jamf Pro User Accounts & Groups.
   
2. Click New to create a new user and select Create Standard Account > Next.
   
3. Fill in the details for this account. Make sure to select Custom from the Privilege Set dropdown, and select Full Access from the Access Level dropdown.
   
4. Navigate to the Privileges tab. Under Jamf Pro Server Objects, select the Read option for each object displayed.
   
5. Click Save.
   
   

Required Permissions

The value supplied in Username and Password must have the following access to devices.