Optimizing my Zero Touch for Students

casafrancisco
New Contributor III

We have 3 different departments, in which students get iPads for their Graduate School program. Each of the departments has different apps assigned to them based on their department. Our LDAP directory does not have a Departments field that populates in Jamf. I have been using manually set Departments as the way we have organized the apps for deployments. I want to use the require login as part of the PreStage, but if I do so I lose the ability to automatically assign to a Department.

I also use separate PreStages for each of the school years and for each department so that when they graduate I can easily get the list of students for that graduation class so I can unmanage their devices as they keep them when they graduate.

What is the best way to:
1. Require Login during enrollment (to populate user information) so I can print a list of serial numbers and their assigned users.
2. Assign a department so that the users get the correct apps

I was thinking of doing Inventory Preload, but I don't want to have to hand specific devices out to specific people. We are trying to simplify our workflow so we don't have to put specific serial numbers on contracts and when students come in we can hand them any iPad in our inventory. We previously would assign iPads beforehand and hand them out that way.


jared_f
Valued Contributor

Do your students' usernames contain anything specific to their program? If so, smart user groups could simply fix that.

I am going to go with no for the above, as this is a graduate program. I have never done what I am outlining, but it is possible.

  1. So you would not have to give a specific iPad to a specific user, I would first create all my user records prior to enrollment. There is a script to do this using the Jamf API. Take a look at the Jamf Nation article below.
    https://www.jamf.com/jamf-nation/discussions/13669/importing-users-into-casper

  2. Using a CSV containing username and a static group ID (from the JSS that corresponds with the student's program), I would then use The MUT to populate this in the JSS.

The nice thing about doing it this way is (1) each user doesn't have to get a specific device during roll out and (2) you associate their program with their user in the JSS and not with their mobile device. In addition, you probably already have this info on hand so it should be pretty easy.
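The two steps outlined in the reply above (create user records first, then place each user in the static group for their program), as an added example that is not part of the original thread or any Jamf-supplied script. The roster, the group IDs and the function names are constructed for illustration, and the Classic API XML shapes named in the comments are assumptions to check against your Jamf Pro version; the code only builds the request bodies and sends nothing.

```python
import csv
import io
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample roster; real data would come from the school's own CSV.
ROSTER_CSV = """username,full_name,email,program
astudent,Alex Student,astudent@example.edu,Program A
bstudent,Bea Student,bstudent@example.edu,Program B
cstudent,Cy Student,cstudent@example.edu,Program A
dstudent,Dee Student,dstudent@example.edu,Program Z
"""

# Hypothetical mapping of program name -> static user group ID in the JSS.
GROUP_IDS = {"Program A": 101, "Program B": 102, "Program C": 103}

def _xml(root):
    return ET.tostring(root, encoding="unicode")  # ElementTree escapes &, <, >

def user_payload(row):
    """XML body for one user record (assumed: POST /JSSResource/users/id/0)."""
    user = ET.Element("user")
    for tag, key in (("name", "username"), ("full_name", "full_name"), ("email", "email")):
        ET.SubElement(user, tag).text = row[key].strip()
    return _xml(user)

def group_payload(usernames):
    """XML body adding users to a static group (assumed: PUT /JSSResource/usergroups/id/<id>)."""
    group = ET.Element("user_group")
    additions = ET.SubElement(group, "user_additions")
    for name in usernames:
        ET.SubElement(ET.SubElement(additions, "user"), "username").text = name
    return _xml(group)

def build_plan(roster_text, group_ids):
    """Return (user payloads, {group_id: payload}, rejected rows)."""
    users, members, rejected, seen = [], defaultdict(list), [], set()
    for row in csv.DictReader(io.StringIO(roster_text)):
        name, program = row["username"].strip(), row["program"].strip()
        if not name or name in seen or program not in group_ids:
            rejected.append(row)  # duplicate or unknown program: review by hand, never guess a group
            continue
        seen.add(name)
        users.append(user_payload(row))
        members[group_ids[program]].append(name)
    return users, {gid: group_payload(n) for gid, n in members.items()}, rejected

if __name__ == "__main__":
    users, groups, rejected = build_plan(ROSTER_CSV, GROUP_IDS)
    print(len(users), "users;", sorted(groups), "groups;", len(rejected), "rejected")
```

Rows with an unrecognized program are returned for review instead of being scoped, so a typo in the roster cannot hand a student another program's apps.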

casafrancisco
New Contributor III

@jared_f Sadly no, the LDAP directory does not have any information other than email, full name, and position as "student". Thanks for your insight!

jared_f
Valued Contributor

@casafrancisco That second method would definitely work though. You would first create the users from LDAP in the JSS and then add them to a static group. Definitely more flexible than inventory preload.

casafrancisco
New Contributor III

@jared_f Yeah, just debating if I should do that or just stick with how the previous person had it set up as targeting the devices rather than users. I could just leave it and just make sure to add Devices enrolled via this particular PreStage. Thanks!

jared_f
Valued Contributor

@casafrancisco Honestly, the API part isn't bad and you probably already have a CSV somewhere of students and their enrolled program. You will have to re-scope all your apps and books to those static groups, but once you do it once it will stick for the next year as you will just use the MUT and change the dropdown to remove the users from the old class year and then change the dropdown in the MUT to add the new students from the year.

Another option:
Assuming these iPads are in their own pre-stage enrollment, you could make two dummy profiles for "Program A", "Program B", and "Program C" available in Self Service and then create smart groups that target iPads with a profile. There are several ways of doing this, but the MUT and a CSV is probably easiest. Only catch is importing those AD users into the JSS prior to enrollment.

jared_f
Valued Contributor

Are you using an SIS? You could sync classes with ASM and scope to those.