For those who want to openly challenge old school Windows habits, this was their JAMF Nation User Conference (JNUC) session! Chad Nielsen, Lead Technical Engineer at Forget Computers and Primary Developer behind Robot Cloud, examined how traditional Windows habits are often used without question to manage Macs and why this needs to be changed.
Concepts like AD Binding and GPOs were put on trial and a much more robust solution that involves the Casper Suite was presented as the solution for Windows admins who want to successfully “Cross the Chasm” into the Mac admin world.
A common scenario for organizations managing Macs and PCs is to use Active Directory as their directory service. AD is built to help manage password policies for PCs, but can often cause keychain issues on the Mac. Nielsen challenged the group to think different and ask themselves “why they want to bind Macs to AD” and encouraged them to instead rely on using configuration profiles and political policies. He also plugged cloud services saying that “Anytime you can rely on cloud services, it reduces troubleshooting time and cost. Consider using Okta, Ping Identity, or OneLogin, versus AD.”
Finally he wrapped up the presentation by discussing moving away from traditional monolithic imaging. He recommended moving towards a thin imaging approach or using Apple's Device Enrollment Program (DEP) by stating “DEP can automate the imaging process. This can reduce the need for IT even touching Macs. They can get back to writing love notes to users.”