If you are wanting to deliver managed resources from Jamf Pro to your end users through AppsAnywhere, you will need to link it with a Jamf Pro environment. In this article, we will discover how to create a new connection to a Jamf Pro environment.

In this article

Also in this section

There are no sub-sections to this page


 

Overview

AppsAnywhere has the ability to link to any Jamf Pro environment in order to deliver managed resources to end users. Once you link AppsAnywhere to a new Jamf Pro environment you will be able to import policies, e-books and mac app store applications that are configured in that environment into AppsAnywhere and make them available to your users through as part of your delivery strategy.

Creating the connection

  1. Log into AppsAnywhere as an admin user
  2. Click on Return to Admin to access the AppsAnywhere admin portal
  3. On the navigation menu at the top of the page, go to Jamf Pro > Manage Jamf Pro Environments
  4. Click on the Add button on the top right of the page

Enter the details of your Jamf Pro environment:

Form Field NameExplanationExpected ValueExample
NameA friendly name for the connectionYou can call the connection anything you wantMy Jamf Pro Environment
HostThe fully qualified domain name for your Jamf Pro instanceThis should be the highest-level DNS name available for your Jamf Pro instance. This can be a cloud instance or a local instancemyorganisation.jamfcloud.com
Port

The port that your Jamf Pro instance is running on

 

This usually depends on whether you are using a secure connection or not, but we presume you are by default8443
Service UserThe account that AppsAnywhere will use to authenticate with the Jamf Pro APIThe username for the service account you created (see details further down the page)appsanywhere_service_user
Service User PasswordThe password for the service user that AppsAnywhere will use to authenticate with the Jamf Pro APIThe secure password that was created for the service account when it was set up in Jamf Pro.

65b2*TpQX7uJz7Gn4rE2

* please don't use that one..

Allow User-Level MDMIndicates whether users logged into their macOS device with a local user account can still access Jamf Pro resources. This only applies to devices that are not joined to the domainThis option should only be enabled if you fully understand the implications of enabling user-level MDM (see warning below) and you are happy for AppsAnywhere to enable User-Level MDM on your user's devicesDo Not Allow

Warning

Enabling User-Level MDM can impact existing workflows. Use with caution!

For computers with macOS 10.13.2 and later, the workflow AppsAnywhere uses for enabling MDM for local user accounts will reset any previous User Approved MDM Enrollments. If you use UAMDM as a part of any existing ongoing workflows within your organisation, you should evaluate the impact of these changes before enabling this setting in AppsAnywhere.

See the Jamf Knowledgebase for more information.

Save the connection

Once you have entered all of the relevant details of the connection, hit the Save button button

You will then be sent back to the Viewing Jamf Pro Environments page, where you should see your new connection and the following message: 

Service Account Requirements

For AppsAnywhere to interact with your Jamf Pro environment, a service account is required. The credentials for this service account are entered into the details for the Jamf Pro environment, as described above. 

For security reasons, we recommend creating a dedicated account to use for this integration, the requirements for which are set out below:

  1. Log into your Jamf Pro environment with an account that has permissions to create new users. 
  2. Click on the Settings Cog () in the top right corner
  3. Go to Jamf Pro User Accounts & Groups
  4. Click New
  5. Select Create Standard Account and click Next
  6. Choose a Username for the service user (e.g. appsanywhere_service_user)
  7. Set Access Level to Full Access
  8. Set Privilege Set to Custom
  9. Set Access Status to Enabled
  10. Choose your own Display Name for the user (e.g. AppsAnywhere User)
  11. Enter an Email Address for the account (we suggest a group account, so no one person is responsible for the account)
  12. Choose a secure Password for the account (recommended > 20 characters, random characters including numbers and symbols)
  13. Leave Force user to change password at next login unchecked
  14. Click on the Privileges tab at the top
  15. Select the required privileges as shown in the table below
  16. Click Save

Required Privileges

Jamf Pro Server Objects

Server ObjectCreateReadUpdateDelete
Computers YES  
eBooks YES  
Mac App Store Apps YESYES 
Policies YES  

That's it!