horizonvef.blogg.se - Configuration profiles may only be created in jamf pro

#Configuration profiles may only be created in jamf pro upgrade#
#Configuration profiles may only be created in jamf pro registration#

The webview in which authentication is performed must have access to the Okta Keychain on the device. Webview must have access to the device keychain: Device Trust for managed macOS computers works with any SAML/WS-Fed-enabled app that supports authentication through a webview.

#Configuration profiles may only be created in jamf pro registration#

(Note: Be aware that disabling syncing blocks all keychain transfers.) See the Add the modified Okta Device Registration Task to Jamf Pro and distribute it to macOS devices. Prevent iCloud from transferring the Okta keychain to other Apple devices: To prevent iCloud from transferring the Okta keychain from DT-secured macOS devices to other Apple devices, Okta strongly recommends that you create a Configuration Profile in Jamf Pro that disables Allow iCloud Keychain syncing.However, it doesn't work with Microsoft Office thick client version 16.14 (build 180610). For information about securing Office 365 clients that use legacy protocols, see Office 365 Client Access Policies.ĭevice Trust isn't supported with all versions of Microsoft Office thick clients: This Device Trust solution has been tested to work with Microsoft Office thick client versions 16.13.1 and 16.15. For more information, see this Microsoft article. Modern Authentication required for securing Microsoft Office apps: To secure Microsoft Office apps with this Device Trust solution they must be enabled to support Modern Authentication.For this reason, it is recommended to issue certificates only to the devices that require access to secure resources.

#Configuration profiles may only be created in jamf pro upgrade#

If you have macOS 10.14.xx (Mojave) and are currently using registration script 1.2.1 or earlier, continue to use it as-is, or upgrade to Catalina, Big Sur, or Monterey before using Python 3.ĭevice Trust deployment is not renewed on devices that are not used to access secure applications.

If you have macOS 10.15.xx (Catalina), 11.xx (Big Sur), or 12.xx (Monterey), use registration version 1.3.3 or later, which is based on Python 3.

Depending on your OS, complete one of the following, to make sure you use the appropriate version of this script:

The Okta Device Registration Task is a Python script that completes various tasks (for example, enrollment, and registration).

The following browsers and native apps capable of accessing the Okta Keychain on the managed computer when performing the federated authentication flow to Okta:.

Apple computers running Supported platforms, browsers, and operating systems of macOS.

Okta Device Trust ensures that only known and secured devices can access your Okta-managed applications. Okta Device Trust for Jamf Pro managed macOS devices allows you to prevent unmanaged macOS devices from accessing corporate SAML and WS-Fed cloud apps. If you require the Python 2.x script, see Device Registration Task v1.2.1. Okta Device Registration Task v1.3.1 was released to support Python 3. Enforce Okta Device Trust for Jamf Pro managed macOS devices