Here's another annoyance with smart groups in JAMF vs dynamic groups in Azure AD (and this ties into PreStages, too): At my old job we had all our iMacs used for student labs in a single PreStage for easy standardization, and to pre-install any common software they all needed. There's no equivalent to a JAMF PreStage in Intune. There's probably a way to do it, but I haven't figured it out yet. I haven't found a way in Intune to do something similar (such as basing a dynamic group in Azure AD off something like a team, or business unit). We even got as granular a grade-level at some particular schools, so we could deploy specific apps to "All 2nd graders at XYZ elementary". These groups were updated nearly instantly as students were enrolling their iPads. We made some smart groups in JAMF based off a student's school (which was automatically filled in on JAMF when it synced with Active Directory and pulled that data over when the student enrolled on the device). My last job was with a school district, managing iPads for around 25,000 students. It is way more difficult in Azure AD, mostly because they don't have nearly the options for making groups that you have with JAMF. In JAMF it is damn simple to set up reporting or whatever else if you want.ĭoing things like making smart groups in JAMF based off pretty much anything you want is easy. There's nothing approaching that in Intune (maybe there's some level of reporting I haven't seen in Power Automate/Intune/Azure or Microsoft Graph or whatever, but if there is, you have to dig for it and it is complex to set up). In JAMF I can easily set up a report of just about anything I want, emailed to me at regular intervals. But maybe that was due to all my experience managing iPads in JAMF, and learning Intune over the past few months. I've only brought a single iPhone in Intune so far, and I will say it was relatively easy to set up, regarding things like config profiles and restrictions. They're a little easier to manage than MacOS overall anyway, but I think a lot of the issues with Intune still apply. I haven't had much experience with iDevices in Intune yet, although we are going to bring a small number of them under management soon. Anyone who can speak on experience with this would be appreicated. We have about 450 Mac clients, plus at least 50 iPads, various iPhones, and a few Apple TVs we're managing through Jamf. I really want to convince them to not go the Ivanti route, and only go with Intune if it can actually replace Jamf properly. They also mentioned that Ivanti might now be able to do better software packaging/remote access for Macs now compared to 6 years ago before we got Jamf. There's another meeting next week to discuss that more in-depth, and I'm currently writing up a justification for what we use Jamf for as I don't know if Intune can do all of it. Remote only worked 50% of the time, no ability to push software, etc. In the meeting I was just in, I explained briefly that when we tried that years ago pre-Jamf it was an awful experience for us and the users. With that, they want to have one MDM for all devices. We currently use LANDesk/Ivanti for Windows management, but they're moving towards Intune.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |