Implement a Zero-Touch MacOS Onboarding Workflow Using JumpCloud and a Non-JumpCloud MDM Provider

MacOS devices can be enrolled in only one Mobile Device Management (MDM) provider. You can use a non-JumpCloud MDM provider to onboard macOS devices. 

If you prefer to use a non-JumpCloud MDM provider, you can create a zero-touch macOS onboarding workflow by pairing the JumpCloud directory with a non-JumpCloud MDM solution: 

  • Zero-touch macOS onboarding workflows that leverage the JumpCloud directory let you fully automate onboarding, set up, and configuration of macOS devices and the user accounts provisioned to these devices.
  • You can pre-stage settings for onboarding macOS devices within MDM and pre-stage settings and resource access for new users in the JumpCloud directory.
  • Local device and JumpCloud user accounts can activate during the device onboarding process, which leads to time savings and efficiency gains for IT teams.
  • For devices running macOS Monterey and later, you’ll need to configure a Privacy Preference Policy Control (PPPC) profile to let JumpCloud apps access certain files used for system administration, and allow access to application data. For more detail on this type of privacy preference, see Apple’s developer documentation.

The MDM solution described in this article is not a JumpCloud MDM server. JumpCloud offers an extensible MDM workflow that leverages a custom PKG, which must be created and signed with an Apple Developer account by the JumpCloud admin. This PKG installs the JumpCloud agent after MDM enrollment and provides end users with a tailored onboarding experience. For instructions, see JumpCloud MDM PreStage user enrollment workflow.

Before you install the JumpCloud agent on a device running macOS Monterey 12 or newer, you’ll need to install a PPPC profile for JumpCloud. Use the settings described in Granting permissions for a device that is not enrolled in MDM in Grant Full Disk Access Permissions to the JumpCloud Agent for MacOS.

Tip:

Consider using JumpCloud’s zero-touch onboarding for a complete end-to-end onboarding solution. If you set up JumpCloud as your MDM server and Apple’s Automated Device Enrollment to enroll your devices, you can create a custom onboarding experience for your users and automatically bind those users to their devices. See Add Company-Owned Apple Devices to MDM with Device Enrollment.

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case