Through extensive testing in Apple’s beta releases, Jamf Pro 10.41 continues its legacy of same-day support by ensuring compatibility for macOS Ventura, iOS 16, iPadOS 16 and tvOS 16 when they become available. We are excited to show you the highlights of this notable release.
Support for managing Platform Single Sign-on features
Continuing to modernize device ecosystems, Platform Single Sign-on (SSO) unites the local user account on a Mac to the Single Sign-on application. This is a replacement for using an active directory and mobile accounts. Platform SSO enables users to sign in once at the login window and then automatically sign in to apps and websites.
In this release, Jamf Pro 10.41 includes support for managing the following new Platform SSO features:
- Whether Platform SSO may be used
- Whether Platform SSO may store credentials in the Secure Enclave
- Registration token for silent registration
- Using Platform SSO credentials for acquiring Kerberos Ticket Granting Ticket (TGT)
Important Note: A requirement for Platform SSO is support from a cloud IdP for the Platform SSO authentication protocol.
New Configuration Profiles for macOS Ventura, iOS 16 and iPadOS 16 Support
Jamf Pro 10.41 adds support to manage new settings that will become available with the release of macOS Ventura, iOS 16 and iPadOS 16.
- Ability to manage and disable Universal Control: Universal control, introduced in macOS Monterey 12.4 and iOS 15.4, revolutionized the way end users can use their devices together. Needing just a keyboard, trackpad, Apple ID for both devices, and bluetooth and WiFi enabled, an end user can move information back and forth between devices. However, for security reasons, being able to move information back and forth between devices poses the inability for organizations knowing which information is on what device, and when.
With the release of Jamf Pro 10.41, we are prepared to support the ability to manage and disable this feature for macOS Ventura 13 when released later this year. For IT and Security teams, this resolves the risk that potentially sensitive information or data is spontaneously moving around managed devices.
- Modernize Terms of Address to End Users: With macOS Ventura, iOS 16 and iPadOS 16, organizations that have end users who speak French, Spanish, or other languages that use gender-specific words can now choose how each user should be addressed. This includes masculine, feminine, and gender-neutral terms of address.
In some instances, such as managing a shared device, Jamf Pro administrators may wish to skip this Terms of Address screen.
- Network traffic app management options: Administrators may have a need to block access to certain content on the web, for example, at a school where they want to limit student access. Currently, the only option to manage network traffic is via per-app VPN.
Soon, with the release iOS 16 and iPadOS 16, two more options will become available and Jamf Pro will be ready to support those options. In addition to per-app VPN management, admins will be able to manage per-app traffic using a DNS proxy or a web content filter.
Azure ID Migration
Existing LDAP Extension Attributes (EA) can now be mapped to Azure AD via the Migration Assistant. This is a huge improvement for customers to easily migrate LDAP EAs to Azure AD. This can be done in two ways:
- Migrate the EAs to existing Azure AD attributes
- Create a new Azure AD attribute from existing LDAP EAs if no existing exists
For Admins, this is going to alleviate the tedious task of adding an EA after a migration. Since customers can have hundreds of LDAP EAs they want to migrate or just a few critical ones. Now, with the help of the migration assistant, and the release of Jamf Pro 10.41, customers can easily migrate with this new workflow.
Interested in learning more about Jamf Pro 10.41?
Check out the Release Notes.
Subscribe to the Jamf Blog
Have market trends, Apple updates and Jamf news delivered directly to your inbox.
To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.