How to Pull Device Information from Azure AD in Python

This is a two-step process… set up an app in Azure AD and run some code. This is for a headless process that periodically pulls data from the Azure AD database so we’ll be using the “Client Credentials” authentication method.

Continue reading “How to Pull Device Information from Azure AD in Python”
Advertisement

Checking user data in Azure AD when mapping to Jamf Pro Identity Provider

Usually when we’re figuring out mappings to import directory data into User and Location, we look at an AD record in Microsoft’s Users and Computers utility. But if we’re using Azure AD as the directory, that might not show the same thing that’s in Azure since not everyone syncs data up to Azure the same way.

You can look at users in the Azure console but it doesn’t show everything and you might want to see the raw data when troubleshooting. Graph Explorer gives us an easy way. https://developer.microsoft.com/en-us/graph/graph-explorer#

Continue reading “Checking user data in Azure AD when mapping to Jamf Pro Identity Provider”

Get a list of unique departments from Azure AD via Graph in Python or from AD via PowerShell

In Jamf Pro, we can populate some tables to help with lookups and data validation. A few of them are sometimes derived from AD Data. Like Jamf’s “Network Segments” can be populated with AD’s “Sites” data. The Department and Building fields in a device inventory’s “User And Location” section often come from the user’s record in a directory service, but they won’t populate unless the value is already in the lookup tables under Settings > Network Organization.

Continue reading “Get a list of unique departments from Azure AD via Graph in Python or from AD via PowerShell”

Python script to get Advanced Search results from Jamf Pro API

This script shows how to call the advanced search classic api endpoints to get search results. These reports are often easier to use for data export because you can add criteria and select just the fields you want. Once you get the json back, you can loop through the objects to do additional work or export to a csv or other format as needed.

Continue reading “Python script to get Advanced Search results from Jamf Pro API”

MDM Profile Signing in Jamf Pro

We were testing User-Initiated Enrollment stuff and we noticed when accepting the mdm profile it was showing up as “not -verified”. Our CISO did make a good point that users might be hesitant to install the profile seeing that it’s not verified and it could encourage bad habits. I saw in the settings we can enable a third-party signing certificate… can I buy a cert now even though we’re planning to change our URL when we go to production?

Continue reading “MDM Profile Signing in Jamf Pro”

Jamf Pro Python Script to Send Remote MDM Commands via API

There might be cases where you need to send a command to a group of devices, but the group is too large to use the Group/mass-action commands built into the Jamf Pro GUI because that would send all the commands out at once. This script will work its way through a group in batches you can configure.

Continue reading “Jamf Pro Python Script to Send Remote MDM Commands via API”

Windows Firewall rules for Jamf ADCS Connector

You probably already have a firewall rule so only Jamf Cloud can reach the external IP of your Jamf ADCS Connector. But do you have one on the windows server so that only traffic coming through that connection can reach the server? It’s a safe bet that something on your internal or DMZ networks will eventually be compromised. You don’t want anything like that to touch the Connector! Enter Windows Firewall.

Continue reading “Windows Firewall rules for Jamf ADCS Connector”