We have abandoned strict MDM in favor of cross-OS functionality in our existing systems. Google...


Userlevel 2
Badge +5

We have abandoned strict MDM in favor of cross-OS functionality in our existing systems. Google MDM for mobile devices, JumpCloud for Windows and Mac. JumpCloud didn’t use to have much more than a CLI capability, but in the last year they’ve expanded to include Group Policy Objects and more robust Mac MDM.




6 replies

Userlevel 2
Badge +5

Here’s a link to their system management overview: https://jumpcloud.com/product/cloud-system-management

Userlevel 2
Badge +2

That's a great solution when you can leverage JumpCloud for your DaaS. We're heavy on AzureAD, and ran into some hiccups and hurdles when exploring JumpCloud. If you're on G Suite, or still using on-prem AD, JumpCloud is the way to go.

Userlevel 2
Badge +5

Yup, JumpCloud is great for G Suite orgs, but it works with O365 too! I like that you can manage systems and users separately or together. It’s our primary IdP, but we also have Okta connected via LDAP for the moment to handle merger/acquisition complexity.

Userlevel 2
Badge +5

(Sorry I missed this lol last week sucked)

Userlevel 2
Badge +2

Yes, it does work with O365. If you've built up AzureAD though (including SSO integrations and just in time provisioning) it's a lot of work to switch over. It's probably been a year now since I was talking with them, but the way they tied into O365/AzureAD was going to nullify a lot of what our DevSecOps team had been implementing, so we weren't going to be able to implement it. If we had been able to use AzureAD as the IdP, with JumpCloud pulling from there, it would have worked, but JC needs to be the IdP. Okta, Duo, etc., can tie into AzureAD a little easier. The negative is... we don't get the awesomeness that is JumpCloud.

I'm afraid to ask why last week sucked, but hope this one is better!

Userlevel 2
Badge +5

Hmm. That makes sense. They added additional AD integration in recent memory, but I don’t know if it nullifies the requirement for JumpCloud to be the IdP. To my knowledge, JumpCloud doesn’t have a way to ingest passwords or read them back from another source (like for the laptop SSO), so that’s probably part of it.
