Jamf Nation User Conference 2017

  • October 24–26, 2017

Sessions

Filter

Take a look at some of the most popular open-source apps that enhance the Jamf Pro experience. In this lab, you will have a chance to use some common tools, ask us questions about how they integrate with Jamf Pro and get some ideas about how you might implement them.

Jamf Pro is set up. What do you do next? Come learn successful deployment strategies regarding scoping, scaling and more for after your JumpStart. Lets talk!

Let's play with the API! What do you want to do next? Come hang out and get your questions answered. Have a little code you wanna' walk away with? We can help.

What does day one of an iPad EDU rollout look like? In this interactive lab, we'll provide you with an iPad that shows how DEP and VPP impact a given student’s experience. Once you see the experience, we'll answer questions and guide you through what configuring PreStage enrollments looks like and how to assign apps to devices, so students have the most fluid experience possible.

Have you fully adopted DEP yet? Having issues with specific PreStage configurations? Just want to give it a whirl, and see if you're ready to take the plunge? Join us in the lab to get your hands dirty with managing PreStage enrollments so you can get the most out of Apple’s Device Enrollment Program.

Do you want to empower your teachers and staff to do more with Jamf Pro? Do you want to keep them from doing too much? In this lab, ask us how to build groups and policies.

You can query and manage pretty much anything on a Mac using Jamf Pro. While we have built a robust inventory framework, we can't think of every possible use case you might have. In this lab, we will help you create an extension attribute, run it, and scope policies around it. If you've been writing your own extension attributes for a while, get your questions answered! If you’re new to extension attributes, get started today!

Do you routinely update your devices based on a spreadsheet? Have you seen the JSS MUT on the Mac App Store and wondered how it might help your environment? Want to give it a shot without the risk of applying incorrect settings on production devices? Join the author of the tool for a lab session to learn what it does and ask questions!

Are you struggling to understand why that app doesn't show up on that one device? Are you wondering how to make your Jamf Pro environment more efficient? Do you want to maximize Self Service? We get a lot of questions around policy scoping and we want to answer even more! Whether you've been using policies for a long time or are new to it, join us in this lab to up your policy scoping game!

Using Apple’s Volume Purchase Program (VPP) to purchase and distribute apps and books in bulk is a critical aspect of managing apps and devices. We will discuss common questions, such as whether you use user-based or device-based assignments, or use Self Service for VPP-based workflows. During this lab, test Apple's new tethered-caching capability and get help as you plan for an efficient deployment. We will be happy to work with you on workflows that you might be planning on using in your next update.

Ready to get started with Webhooks? Do you want to start with some practical examples, and then customize them to meet your needs? How do you test your Webhooks? Sit with us and we'll help you get started, and, if we're all lucky, publish some pretty sweet automations!

Making Jamf Pro extensible by allowing you to look at settings on a device is one of the most powerful (and sometimes easiest) things you can do. In this session, we will walk through how to use Extension Attributes. This includes how to create an Extension Attribute, how the Extension Attribute is run and how to scope policies around them. This is a beginner session, so while we won't teach you to write a script, we will show you how to grab basic information and initiate automated tasks from that information.

You may use DEP for your iOS devices, but with compelling new capabilities and uncertainty about the future of imaging, the industry is looking to utilize DEP to refresh Mac deployments. This session will cover how DEP can improve IT and end-user experiences, as well as how to enable DEP workflows in your environment. Lastly, we’ll talk through some common concerns that people express when considering DEP for the Mac and how to overcome them.

Which distribution point is best for you? Once you’ve got a distribution point and you’ve filled it with goodies for your users, what do you do with it? What about serving your remote offices or users who are traveling or working from home? We’ll discuss the ways to set up distribution points to maximize the experience and minimize the load. We'll also talk about where to place your distribution points, how many you'll need, fault tolerance and assigning distribution points to users.

Certificates are tricky, but they don't have to be. Jamf wants to help you manage certificates better. In this session, we'll look at that certificate you created in your JumpStart and then how to update certificates. We'll go on to explain what we do to help protect you from potential problems and what you should do outside of our products. Finally, we’ll discuss certificates in policies and review technical details around how to manage them.

Apple’s Volume Purchase Program (VPP) is critical to any environment. In this session, learn how to add a VPP token to a Jamf Pro environment. We'll then assign (aka scope) apps to users and devices, and look at the difference between the two experiences. We'll also review common troubleshooting steps and some best practices to help keep you as sane as possible!

Patch Management. We've been talking about it for years. Now we're ready to show you how to set it up, how to define user interaction settings and the long-term impact of using built-in Patch Management with Jamf Pro. Let us help you create an excellent user experience that doesn't drive you completely insane when trying to keep up with all the latest updates on these software titles.

In a mobile world of devices of all kinds, see how one IT Admin uses an iPad to manage every Mac, Apple TV, iPad and iPhone in his environment. Find out how you, too, can do your job not just from your desk, but from any location.

Have you ever written a script before? If not, this is the session for you. In this session, we'll take a beginner’s journey through writing bash scripts and cover things like writing output, accepting input, running basic commands using variables and where to go for more information.

Infrastructure Manager is a Jamf Pro service that manages our LDAP Proxy Server. The Proxy allows traffic to pass securely between Jamf Pro and an LDAP directory service, even if you're hosted in the Jamf Cloud. In this session, we'll go through a basic setup in a DMZ, connect that to a Jamf Pro server and then verify that we can look at information from the directory service. We'll also throw in some tips and tricks around load balancers, ports, what actually goes over the wire, etc. just because we like you.

One of the most important aspects of managing Mac devices is how you scope policies to them. In this session, we'll look at how to assign apps and policies to users, devices and groups. Work through all the options Jamf Pro makes available, including how to scope to a group, how to constrain within that, how to determine how often a policy should run and what to expect to see within Jamf Pro once run. We'll add some tips and tricks we've learned from doing thousands of JumpStarts to help you scope like a boss!

Jamf regularly releases new versions of its software. In this session, we'll look at how to back up your environment, including key stores, databases and everything else you will need to restore should your upgrade require a roll-back. Then, we'll step through best practices around upgrading your environment and testing to ensure that everything works as it should once you've completed the upgrade.

Zero-touch deployment is all the rage. Handing out and assigning devices directly to users keeps things easy. But, what about schools that rely on shared-use, generic classroom carts of devices - especially in a DEP world? This session will demonstrate the power of the best, but nearly secret feature of Apple Configurator 2: command line automation tools. Working together with the Jamf Pro API, these two tools can bridge the gap for shared-use/cart-based iPad by connecting the real world of devices on your workbench with Jamf Pro to streamline shared-use iPad deployment. Additionally, Josh Bourdon will feature his home-grown, no JSS-experience-required, shared-use iPad setup tools.

About the Speaker

Josh Bourdon

Josh Bourdon is the Apple Desktop & Mobile Administrator for the Ottawa Area Intermediate School District, a county-level public school district providing and enriching educational opportunities for students, schools and communities. Administrating devices in a six-school district technology consortium, Josh has adopted the motto “If you’ve had to do it twice, write a script.” Josh has also juggled iPads as a high school 1:1 coordinator, answered help desk calls in windowless basements, and on more than one occasion played bass in a Buddy Holly tribute band fronted by Gary Busey. He couldn’t script that one.

We've all been there. You just started a new job and are excited to get to work. The only problem is that you don't have access to the systems needed for your job, you can't set up your equipment (or it hasn’t arrived), and to top it off, the right people didn’t even know you started today. This is a new hire's worst nightmare. Worse still, it reflects badly on IT. Learn what to do to improve on-boarding, the tools you can use to automate the process and how to keep your head above water as your team grows.

About the Speaker

James Smith

James is a dad to an awesome four-year-old and previously lead the glamorous life of a Barista by day and DJ by night. He's now squarely focussed on enabling employees to do their best work as a SysAdmin for Culture Amp, a 150-person startup founded in Melbourne with offices in San Francisco, New York, and London, who work to change the way companies think about employee engagement.

Apple is making inroads in the enterprise. Some environments require a lot more security than others, like government and financial sectors. Smart cards are a proven, secure way of providing authentication as part of a 2FA setup. This talk will provide background and technical theory, as well as discuss the pitfalls of using smart cards in your environment. We'll cover how to make this work via Jamf Pro with built-in configuration and in-house work. Come learn the steps to make your environment more secure.

About the Speaker

Richard Purves

Richard Purves is a not quite 6 feet tall ape descended British Mac Admin who can't decide which country to live in. He started in the U.K., then moved to Saudi Arabia, is now Switzerland and is aiming for the U.S. in 2017/2018! He has worked in three IT business units (publishing, education and finance) since 2004 and only two people ever have worked out where his nick "franton" is from. These days, he specializes in Apple integration into existing infrastructures, with projects such as “JSS in a Box”, “JSS Config in a Box,” and more recently his reference implementation of the CIS security specifications.

Learn to scale like a Jamf pro. Topics covered range from simple upscaling tips, such as separating database from Tomcat instance, to adding an extra, but separate, distribution point. The fun doesn’t stop there. Bring a five-member cluster online (with members both inside and outside the DMZ) with a proper admin console and a purpose-driven Tomcat instance for Cisco ISE.

About the Speaker

Brian Martin

Brian Martin (blackholemac on Jamf Nation) is the Apple Systems Administrator for Lafayette School Corporation, a mid-sized city school district in Lafayette, IN. He has been tinkering with Apple products in some form since his high school days in the mid-1990s and has been with LSC since 2002. Aside from trying to be a good dad to twin boys, his current Apple IT focuses are the art of good Mac packaging and scaling Jamf Pro servers to properly meet end user demand.

Discover how Shopify deals with fast growth and the types of tools, like Jamf Helper, that help manage devices and security while maintaining open culture. Go on to discover how Apple’s Device Enrollment Program (DEP) with Jamf Pro helped Shopify recover a stolen device even after it was wiped.

About the Speaker

Diana Birsan

Diana Birsan is an Internal Security Developer at Shopify. She has been part of the Sys Admin community for over six years and has worked on maintaining open culture at Shopify while securing devices with Jamf Pro in a quickly growing environment. In her spare time, she is a gamer and a mini dachshund owner.

Have you ever been to a session or workshop where you painstakingly transcribed every word, only to discover you have no idea what you were supposed to be learning? If so, sketchnoting might be the answer for you. Sketchnoting is a visual style of notetaking (doodling!) that can increase retention, engagement, metacognition and visual literacy. Learn how Clinton High School students and teachers use sketchnotes and iPad to create and share resources, both in and out of the classroom.

About the Speakers

Vanessa Perez
Michele Charles

Want to learn how to deploy 7,500 devices in one day across 10 campuses – without issues? Come hear Clover School District’s Executive Director of Technology, Matt Hoffman, and Mobile Device Manager, Andy Cauble, share how they made it happen. Now in its fourth year as a fully implemented 1:1 Apple district, Matt and Andy have great insight into the do’s and don’ts of 1-to-1. Join them to hear tips on device collection and distribution, as well as device management both in and out of the classroom.

About the Speakers

Andy Cauble

Andy has been the mobile device manager for Clover School District since 2014, when the district chose to implement 1:1 iPads (PK-8) and Macbooks (9-12).

Matt Hoffman

You think your Mac environment is challenging? Imagine the complexities and security requirements of the Department of Defense. Then, add old-school, backwards thinking and a lack of Mac-friendly leadership. Most DoD agencies only use Windows, but there are the research and scientific networks that have some Mac/iOS devices sprinkled in for flavor. Digital certificates, Outlook, digitally signing and encrypting emails, smart card logins, unsupported OS by most of the DoD service desk(s), managing a separate AV/HBSS solution just for Mac, and don’t forget about mobile devices… And, we haven't even got to the fun part yet. Learn how one DoD agency applied Jamf Pro to rise above these challenges and successfully manage one of the most complex Mac environments out there.

About the Speaker

Brian Fox

Brian Fox is a civilian employee of the DoD, and currently serves as the Engineering Manager for a U.S. Navy research network based out of San Diego, CA, but stationed in Omaha, NE (quite the shift!). Brian has 20+ years of Mac admin experience, starting in high school where he was the only student working on a large number of Mac Classics. Working as an Apple admin in multiple locations and industries over the years, the Navy capitalized on Brian's years of experience and asked him to head up the Mac automation project where he has been working since 2013.

Getting devices into the hands of users is only the beginning of the journey. As a Mac Admin, we are responsible for device security, software packaging and distribution, configuration management and more. This ongoing maintenance is where many of us spend the bulk of our time. Join Scott Blake as he explains how he achieved "desired state" management with Jamf Pro. Along the way, learn tips and tricks to regain control of your daily schedule.

About the Speaker

Scott Blake

A lifelong tech enthusiast and West Virginia native, Scott Blake has been affiliated with West Virginia University since 2001. After spending time as a student lab manager, inbound support technician, on-site technician, and web developer, Scott found his calling as a Mac Admin. He is currently an Endpoint Management Specialist at WVU where he leads the Mac management efforts. Scott currently lives in Morgantown, WV with his wife and 3 children ages 8, 6, and 3. He spends most of is free daylight running said kids to and from various practices while most nights are spent pecking away at his keyboard.

Already got Jamf Pro? Considering scaling Jamf Pro? Join us as we scale! This session will cover migrating and running Jamf Pro for growth, including scaling, automation and security. Learn how Oath designed for sudden growth, separated admin from client-side nodes and approached security. See how Oath’s IT Security and Jamf Pro teams collaborated on hardening, vulnerability management and data security. You’ll walk away with an architecture playbook and security techniques to help protect your organization.

About the Speakers

Lisa Davies

Lisa has been working with Macs for longer than she cares to publicly disclose, with experience in large environments including K-12, Higher Ed, and corporate. She has still not yet owned a PC; however,? owns MAC products, and reviews the MACs of the Macs.

Andrew Leininger

Andrew works with Jamf Pro and SCCM to manage Macs and PCs. He works on imaging, packaging, deployment, automation, and documentation. He enjoys reviewing weekly MAC schedules affecting the Macs and their MACs.

Brandon Coates

Brandon has over 10 years in tech as an administrator, tester, network attacker, and now he spends his time as a network defender. In his spare time, he attempts to make his Kessel Run picture perfect Beyoncé.

Chris Holt

Chris has been hard at work running tools, breaking sites, and teaching devs for six years. While showing obvious mastery in the Application Security space in the office, outside of the office he has dominated snow covered slopes on a board, owned Guitar Hero, built a 3-2-1 data center in his basement, and just recently taken to scuba diving in an attempt to subdue Poseidon himself. Payment for autographs can be discussed later.

Come join us for a deep dive into Center for Internet Security (CIS) validation. Take a look at how we utilize open source projects to assist with CIS, and hear real-world examples that can translate to your own environments. This session will give you the understanding and tools you need for successful Jamf Pro management and monitoring of CIS compliance.

Jamf Pro is often used to get Apple endpoints into compliance. But, you need to protect Jamf Pro itself as well? In this session, we'll look at securing Jamf Pro, how we test for security and the compliance of our products.

The Scalability Task Force is a cross-departmental team of Jamfs that has been meeting over the past year to discuss load balancing, performance tuning, monitoring and enhancements to the product to make it far more scalable. Come meet the developers and field teams charged with making a more scalable product, supporting large environments (100k and up) and deploying our products in enterprise-scale scenarios. We’ll come ready to answer questions from load balancing to sizing of servers!

Jamf has a number of API options to use when scripting. During this session, we'll examine how developers “intend" for APIs to be used, how they are actually used, some tools we use when developing against our own APIs, where and how to share assets and, of course, what to look for in future iterations of the API.

The Healthcare Listener enables you to use your healthcare management system to send ADT messages securely to Jamf Pro. Doing so allows your non-IT staff to manage devices based on the state of a patient and thus provide a seamless bedside experience. But how do you configure and test it, and what challenges might you face? In this session, we'll step through the setup and share real-world examples of automations you can leverage.

Jamf Pro supports sending commands to a separate web server based on events that are triggered by something happening in Jamf Pro, commonly referred to as a Webhook. For example, if a device falls out of compliance, you can create a ticket in a third-party management solution. In this session, we'll explain what an HTTP callback is, how they're triggered, the requirements to use Webhooks and show some examples of projects that Jamf has made available to our community leveraging Webhooks.

Did you hear? There are new management capabilities available with Jamf Pro and tvOS 10.2. Discover how Apple TV can help create personalized classroom experiences, engaging conference rooms, customized hotel messaging, enhanced hospital offerings and more. Your environment is one Apple TV away from greatness. Stop by to explore the possibilities.

New technologies and deep integrations are unlocking new workflows for managing iPad and Mac deployments in education. Whether you're just getting started with Apple or you have experience with Apple School Manager, this session will cover everything you need to know in order to go all in with Apple in the classroom. So let’s get started and make a difference in education!

Take a tour of the new and improved macOS Self Service in Jamf Pro 10. Not only does the Jamf Self Service app help you define your end users’ experiences, but it also delivers cost-savings to IT through reduced support calls. Deliver apps, tools and content to your users that’s customized to their unique needs and location, all while empowering them to get what they need – without IT.

Streamline IT tasks and transform the end-user experience through strategic use of the Apple deployment programs. Come learn how the Device Enrollment Program (DEP), Volume Purchase Program (VPP) and Apple School Manager can impact your environment for the better. You’ll be glad you did.

The healthcare landscape is changing. Together, Jamf and Apple are creating a better patient experience by providing education, entertainment and engagement through iPad devices at the bedside. Additionally, the model is enhancing clinical communications and check-in procedures. Not in healthcare? That's OK. Be inspired by how Jamf Pro, the Apple ecosystem and these healthcare workflows apply to enabling technology for the people you serve.

Ready for a new experience? Along with a completely redesigned interface, Jamf Pro 10 introduces new features and benefits – all with a user-centric design in mind. Come discover the new ins and outs of Jamf Pro 10 and how this newest version can help you succeed with Apple more than ever before.

Grab your oxygen tank! We're diving deep under the surface to explore the inner workings of the Apple Push Notification Service, and how Jamf Pro uses APNs for more effective device management. We'll examine the public APNs infrastructure, security handshake protocols, tokens and payloads, special considerations for Jamf clusters and firewall configuration to make it work in your organization.

About the Speaker

Bradley Chapman

The Jamf API can be overwhelming, especially to someone who has never used it before. This session is aimed at people with some experience in the terminal who want to get started using the Jamf API. Go from API nobody to API ninja. See how to use the API through examples and resources. Step through the process of using the API with Postman, curl, bash scripts and python scripts, and determine when to use xml or json.

About the Speaker

Bob Gendler

Bob Gendler is an Apple fanatic using Apple products as far back as the Apple //gs. He graduated from the Rochester Institute of Technology with a bachelor's degree in Information Technology. He was previously the Technology Coordinator at an international nonprofit, but has been the Laptop Program Coordinator and keeper of all things Apple at St. Andrew's Episcopal School since June 2012.

See how one hotel is offering a modern and streamlined hospitality experience with Apple TV and Jamf. Get a behind-the-scenes look at how Apple TV is enrolled through the Device Enrollment Program (DEP) and Jamf to enable zero-touch enrollment. See how guests go on to benefit from consuming the content they want and like by either connecting their own Apple devices to Apple TV or entering their own Apple ID in the Apple TV.

About the Speaker

Yuichi Takahashi

What did many hacked organizations like Target and the NHS have in common? They were compliant with security standards. Hear how security compliance should be viewed as a minimum viable product and why moving beyond the checkbox is critical to the core security of your organization. In this session, we'll design a mock technical plan to navigate the political and technical challenges of augmenting security compliance using Jamf Pro. We will also cover how various information security tools like honeypots can increase security but may cause organizations to fail compliance audits.

About the Speaker

Daniel Griggs

Daniel Griggs is the founder of cmdSecurity, an IT security firm in the D.C. area, specializing in Apple device security and management at scale. Before starting cmdSecurity, Dan worked with various government agencies including NIST, U..S Army Advanced Technologies, and the U.S. DoD where he co-wrote the STIG security guidance for Apple devices in the military. At NIST, he migrated over 1,200 Macs from decades of “the wild west” to full management and security compliance in 6 months.

Parsing the JamfSoftwareServer.log, changemanagement.log or access.log can be a time-consuming task. In this session, we’ll take a look at setting up a single Graylog server to ingest these logs and explore some of the fun things we can do with the data provided. Learn how to create dashboards to visualize available data and impress your manager (managers love pictures!). Further, keep an eye on site admins and the commands they run (why did someone just initiate a MDM wipe for 1,000 devices!?), and monitor server events to help track potential performance issues.

About the Speaker

Robert Whitt

Robert Whitt is a Device Management Systems Engineer with the Leveraged Services group at Indiana University. His team manages the Global Casper Service (powered by Jamf Pro), the Global AirWatch Service, as well as the IU Mac Lab Build used in student labs across several campuses. Currently, the Jamf Pro environment has 36 sites and more than 5,000 Apple devices.

Jamf has Patch Management. The open-source community has Autopkg and Autopkgr. Apple has the Volume Purchase Program (VPP). With all of these options, when should you use each? In this session, we'll take a prescriptive look at each and go through how each decision manifests itself in Jamf Pro.

About the Speaker

Ben Toms

Ben Toms (aka macmule) is the Technical Director at dataJAR Ltd, a U.K.-based Jamf MSP & Integrator. Ben has been managing Macs with Jamf for a little over a decade, and since joining dataJAR in 2016, Ben has been on a quest to "automate all the things," cutting down on the faff associated with deploying software.

Jamf Pro covers the full breadth of macOS lifecycle management. But, there are a number of open-source tools that complement Jamf. During this talk, we will cover how leveraging open-source tools complement Jamf workflows. Each project that we cover will include a 30-second video demo from a maintainer of the project. Then we'll show you how to add these to your Jamf workflows so that you can get the most out of both the Jamf world and the open-source world.

About the Speaker

Francois Levaux

Directory services have long been the scourge of the Mac Admin. Yes, you can bind. But, do you want or need to anymore? Let's step through installing and using NoMAD to replace your binding operations in 45 minutes or less. During this session, you’ll learn about the latest features of the open-source NoMAD application and understand how it can work within your Jamf environment.

About the Speaker

Joel Rennich

Joel is the General Manager for Orchard & Grove, an app development and consulting firm in Austin, Texas. In 2016, Joel released the popular open- source application NoMAD, and is now developing other tools that strive to make Mac admins’ lives easier. Previously, he spent over a decade working at Apple as an Enterprise Systems Engineering Manager doing all kinds of fun things with lots of cool people while solving crazy problems to allow for integrating Mac and iOS devices successfully into enterprise environments. Prior to Apple, Joel was frequently seen speaking at Macworld, WWDC, and other international conferences and gatherings of Apple-minded admins as the founder of AFP548.com.

Most of us are familiar with code libraries for Python, Ruby, JavaScript and so on. We install and use them to make our work in those languages easier and to help follow the principles of DRY programming (Don't Repeat Yourself). But, how many of us write our own? Writing your own custom libraries, tailored to your environment, can save you and your co-workers time and effort, as well as increase your code quality throughout standardization. This session will discuss the general concepts behind code libraries and using Bash and Ruby, as well as look at how to write, document and deploy them.

About the Speaker

Chris Lasell

An Apple Peeler all his life, Chris Lasell holds a degree in the Culinary Arts. He was once a hotel pastry chef at Dartmouth College, where bought his first Mac in 1986. By '89 he was peeling a different kind of Apple, and became a Mac and Unix support technician at Dartmouth. Lured to the northwest by all the great beer, Chris moved to Portland, Oregon in '91 and continued peeling Apples at Reed College for another decade. In 2002, he decided to wander around the country on a bicycle for 18 months, and eventually landed in the San Francisco Bay Area helping Pixar. Chris is the creator of ruby-jss, a Ruby interface to the Jamf Pro REST API, as well as d3, a command-line patch management solution that enhances Jamf Pro.

Join us in a walkthrough of the infamous Kool-Aid Man incident: how seven stolen laptops were recovered within 24 hours and the "Kool-Aid Man" was put behind bars. OH YEAH! This talk will walk through several steps you can take to recover stolen assets utilizing Jamf, Apple’s Device Enrollment Program (DEP), a few open-source projects and good old-fashioned intelligence gathering. We will also go into common criminal workflows for stolen assets, how to disrupt these processes and, finally, security hygiene for Mac endpoints to help protect against physical hardware loss incidents.

About the Speaker

Mike Toole

Mike Toole is a Senior Systems Engineer at Duo ISS, the Information Systems & Solutions team within Duo Security. Prior to joining Duo, Mike was a Systems Security Analyst focused on card payment environment security. Mike has spent most of his carer focused on security and building solutions as a generalist, but has a long history with Mac and Cloud. Both going back to before they were cool. He has also built some rather unique systems, including a Keanu Reeves- themed sms alerting bot.