JumpCloud’s Apple MDM Solution

Written by Scott Reed on May 21, 2020

Share This Article

Apple MDM is part of JumpCloud’s robust system management platform. This feature simplifies work for administrators managing Mac fleets, from the ease of an all-in-one platform that also lets admins manage and secure Windows and Linux devices, wherever they are. 

Feature update: You can now enroll all your Mac systems in a few clicks and easily migrate them to JumpCloud MDM with our new macOS MDM enrollment policy.

Use this policy to remotely enroll Mac systems in JumpCloud’s MDM by installing the JumpCloud enrollment profile on targeted systems across your organization. The policy lets you seamlessly shift devices from existing MDM profiles to consolidate your tech stack and use JumpCloud’s MDM offering.

Once systems are enrolled, you can execute security commands to lock, restart, shut down, or wipe Macs, wherever they are online. (To use this policy, you must first configure your JumpCloud organization for MDM.)

Let’s take a look at how you enable Apple MDM in JumpCloud for macOS.

How it Works

JumpCloud admins register their organization as an MDM Server with Apple in a few clicks and unlock system management capabilities only available through Apple MDM, including remote lock, restart, shutdown, and wipe.

Admins then quickly bulk enroll their macOS systems into JumpCloud Apple MDM using the existing JumpCloud system agent to deploy their organization’s MDM enrollment profile. 

Why It Matters 

One of the coolest things about this new feature is the ability for admins to enact zero-touch enrollment. Automated Device Enrollment is available via integration with Apple Business Manager and Apple School Manager.

Admins using Apple MDM will also get granular monitoring and reporting using the event logging service in Directory Insights:

{
  “mdm_type”: “apple”,
  “request_type”: “DeviceLock”,
  “device_manager_object_id”: “5e95d0a128b4f8666ef26b87”,
  “command”: {
    “pin”: “603327d15366c6f2a21e29aad90188596030931bfe13c61d2e47082120b0722e”,
    “request_type”: “DeviceLock”
  },
  “event_type”: “mdm_command_result”,
  “command_uuid”: “f8e94ca2-97b9-4319-866a-c3438a5bf9d1”,
  “service”: “mdm”,
  “organization”: “5c71807298ce437512b9e8b7”,
  “@version”: “1”,
  “device_object_id”: “5ebeb092658f7304f48e2d84”,
  “error_chain”: null,
  “id”: “5ebef5995ce382052f6d2623”,
  “timestamp”: “2020-05-15T20:03:37.399619041Z”,
  “status”: “Acknowledged”
}

What’s Next

Admins using JumpCloud for Apple MDM will continue to see new innovations coming out of this integration. I’ll also be answering questions about this feature during JumpCloud Office Hours on Friday June 17th. If you don’t have a JumpCloud account, you can sign up for one here.

Scott Reed

Scott Reed is a Product Manager on the Devices team at JumpCloud. Prior to joining the Product team, he led the Solution Architecture team at JumpCloud. In fact, Scott is the original author of the JumpCloud PowerShell module. Scott’s background is in Corporate IT. Outside of work Scott loves to seek out fresh air and adventure with his wife, two young sons, and their black lab Lucy.

Continue Learning with our Newsletter