A refresh token for Azure access is generated every seven days.Īfter a device is marked as Unresponsive by Jamf Pro, the enrolled user of the device must sign in to correct the non-responsive state. If the Azure token expires, users are prompted to sign in to Azure to obtain a new token.When the token refresh fails for 24 hours or more, Jamf Pro marks the device as unresponsive.With successful registration to Azure AD, macOS devices receive an Azure token: Devices are marked as unresponsive by Jamf when they fail to check in over a 24-hour period. Jamf Pro expects devices to check in every 15 minutes. How many devices are affected (all devices or just some)ĭevices are marked as unresponsive in Jamf ProĬause: The following are common causes of devices being marked as Unresponsive by Jamf Pro:.How many users are affected (all users or just some).When the problem started, and whether your Jamf Pro integration with Intune worked previously.You must have a user account that has Global Admin permissions in Azure.Ĭollect the following information when investigating Jamf Pro integration with Intune:.You must have a user account that has Microsoft Intune Integration permissions in the Jamf Pro console.All users must have Microsoft Intune and Microsoft Azure Active Directory (Azure AD) Premium P1 licenses.Use the Jamf Cloud Connector to integrate Jamf Pro with Intune.Review the prerequisites from the following articles, depending on how you configure Jamf Pro integration with Intune:.Consider the following before you start troubleshooting: For example, when you encounter a Jamf-Intune integration-related issue, always verify that prerequisites have been met. Prerequisitesīefore you start troubleshooting, collect some basic information to clarify the problem and reduce the time to find a resolution. Each of the following sections describes a common issue, and offers a potential cause and troubleshooting steps for a resolution. The blog tells you how to automate this, so you will need to set up a web hook server of some description (something like JAWA or in the above example PowerAutomate) to handle the trigger mechanism its needs (normally done by the Jamf binary) for the Jamf Pro API to send a " InstallEnterpriseApplication" MDM command via APNs asking the client to get the QuickAdd package installed again to restore the Jamf binary framework to the device.This article helps Intune administrators understand and troubleshoot problems with integration of Jamf Pro for macOS with Microsoft Intune. The above blog assumes you have wisely ensured all your mac's were enrolled via ADE (DEP) and you have marked the MDM profile to be non-removable.Įven if a user manually removes jamf or runs the command to remove all framework because the MDM profile is non-removable, it will still receive MDM commands by APNs, so by using the information in the blog you can send a MDM command to reinstall the Jamf framework and restore the Jamf binary functionality (it uses the same MDM command that adds the Jamf binary on enrolment) Its possible for any admin enabled user and bit of tech knowledge to look up the terminal command to remove the all JAMF Framework. Think of the Jamf agent being in two parts, the binary (Jamf) and MDM profile (Apple)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |