What You Need To Know About Mac User Management

By Greg Keller Posted May 15, 2015

Mac User Management

Microsoft® Windows has its companion directory service, Active Directory®. But in most organizations, Macs are still on their own.

Managing users on Mac devices has conventionally been a chore. But in a BYOD world where Macbooks are everywhere, it’s reckless to leave Apple devices unmanaged. That’s sweeping a very big problem under the rug.

Thankfully, it’s no longer 2007. In 2015, there are innovative, powerful, and almost effortless solutions available for central management of Macs. The problem? Your average IT department doesn’t yet know these solutions even exist.

Conventional Options for Mac Management

Apple offers its own Open Directory solution. But it isn’t widely used because of its focus largely on Macs. So unless you have an office full of Macbooks, Apple Open Directory just isn’t worth it.

OpenLDAP another option, but connecting Macs to OpenLDAP is not just inefficient, but limited. Yes, AD can authenticate Macs, but you don’t get any of the policy and device management capabilities that AD provides to Windows devices.

Going without Mac Management

With BYOD (Bring Your Own Device) in effect at a large number of companies, IT admins have for the most part simply thrown their hands up. Some tools can help. But because they’re Mac only, they don’t truly help IT admins centralize their entire user management infrastructure.

Most organizations don’t end up managing users on their Mac machines.

Why Managing Macs Matters

mac management jumpcloud

Effective Mac management has many benefits. Similar to other devices, management gives you control over what users can and cannot do on particular devices.

As your organization grows, building in security controls and safeguards becomes even more important. For example, what happens when a user with access to sensitive information is terminated from the company? Having the ability to shut down user access to the device can be a critical security control. That user’s device could very well have confidential and proprietary company data. Eliminating the ability for the user to login protects that data.

The remote wipe capability is valuable in a number of dire situations, for example if a laptop is stolen.

In addition to security issues, practical on-going support issues can be easily solved through having different levels of users. True Mac management means that a remote admin will be able to login and address support issues via an admin account.

The Bottom Line

Managing Devices

User management is the core of building an organization’s IT infrastructure. If you are unable to build core user management capabilities on a core platform, that leaves a gap in your environment.

Macs have previously been lost within that gap. Now with Directory-as-a-Service® solutions, IT admins can tightly manage Mac users and devices.

Directory-as-a-Service Offers Mac User Management

jumpcoud Directory-as-a-Service

Directory-as-a-Service is a cloud-based directory service that enables a variety of devices, applications, and networks to authenticate. Through authorization capabilities, users can be granted different permission levels.

DaaS solutions place a small lightweight agent on each Mac device and then provide full Mac user management and device management capabilities. IT admins centrally control the central directory services infrastructure from a Web-based console.

Because the service is delivered from the cloud, there is very little if any on-going management for IT admins from a software and hardware perspective.

Ready for True Mac User Management?

If you are interested in diving in deeper on Mac user management check out this video on managing macs in the modern office or, drop us a note. We also invite you to start testing our Mac management for yourself by signing up for a free account.  Your first 10 users are free forever.

Greg Keller

Greg is JumpCloud's Chief Product Officer, overseeing the product management team, product vision and go-to-market execution for the company's Directory-as-a-Service offering. The SaaS-based platform re-imagines Active Directory and LDAP for the cloud era, securely connecting and managing employees, their devices and IT applications.

Recent Posts