- 04 Jun 2023
- 3 Minutes to read
- Updated on 04 Jun 2023
- 3 Minutes to read
Jamf Pro is an enterprise mobility management (EMM) tool that provides unified endpoint management for Apple devices.
Types of Assets Fetched
This adapter fetches the following types of assets:
- SaaS data
About Jamf Pro
Use cases the adapter solves
Jamf Pro is a powerful endpoint management solution that provides a robust inventory of our managed Apple devices in Axonius. Even more importantly, by combining Jamf Pro with network/infrastructure data coming from additional adapters, Axonius can identify unmanaged or even rogue devices on the network.
Data retrieved by Jamf Pro
Axonius collects common device information such as hostname, IPs, MAC address, and serial number. It also collects information unique to Jamf such as device policies, profiles, and groups. The adapter can be configured to collect additional information, such as user data and even mobile devices.
With the Jamf Pro adapter configured, Axonius can add devices to Jamf Pro computer groups directly in the Enforcement Center. Jamf Pro - Add Assets to Computer Group
1.Jamf Domain (required) - The hostname of the Jamf Pro server. This field format is 'https://[instance].jamfcloud.com'.
2. Username and Password (required) - The credentials for a user account that has the Required Permissions to fetch assets via the API.
3. HTTP Proxy and HTTPS Proxy (optional) - A proxy to use when connecting to the value supplied in Jamf Domain.
4. Tenant Tag (optional) - Specify a tag name to tag all devices fetched from this adapter connection.
5. Bypass SSO - (required, default: switched off) - Select it if the newly created user account is allowed to bypass SSO according to the Jamf instance settings.
6. 2FA Secret Key - If you access Jamf Pro through an SSO solution that requires 2-factor authentication, you will need to generate a secret key in that solution and paste it here. See instructions for performing this action in Okta.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters.
- Fetch department of users - Select whether to fetch the names of buildings and departments of users for this adapter connection.
- Fetch policies (required, default: true) - Select whether to fetch policies associated with devices for this adapter connection. This field is ignored when Use pro API is selected.
- Fetch mobile devices (required, default: true) - Select whether to fetch mobile devices in addition to standard devices for this adapter connection.
- Use pro API - Select to use Jamf Pro API. If cleared, Axonius will use the Classic API.
- Async chunks in parallel (required, default: 20) - The number of chunks to fetch in parallel when working with the Classic API.
- Items to not fetch (optional) - Select one or more options to exclude from fetching.
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
Axonius supports the Jamf Classic API and Jamf Pro API.
Creating a User by Connecting to the Jamf Admin Panel
- Log in to the Jamf Pro admin panel and navigate to the Settings panel. Click Jamf Pro User Accounts & Groups.
- Click New to create a new user and select Create Standard Account > Next.
- Fill in the details for this account. Make sure to select Custom from the Privilege Set dropdown, and select Full Access from the Access Level dropdown.
- Navigate to the Privileges tab. Under Jamf Pro Server Objects, select the Read option for each object displayed.
- Click Save.
The value supplied in Username and Password must have the following access to devices.
|Pro||Mobile Devices||Read Mobile Devices|
|Pro||Departments & Buildings Information||Read Buildings|
|Pro||Departments & Buildings Information||Read Departments|
|Classic||Mobile Devices||Read - Mobile Devices|
|Both||EC Actions (when used)||Update - Smart Computer Groups|