Internal Changes versus Jamf Vendor Changes
The sections below distinguish internal changes by Stanford University IT versus external updates administered by the Jamf Cloud Team. Note that the listed internal changes only include global changes -- not the additional configurations and automation Distributed IT might deploy to their respective Jamf Site(s).
More Information
If you cannot find more information about an item in our #jamf or #cop-macs Slack channels, feel free to inquire with us in #jamf or #eed-public.
Also, see the section below for official Jamf documentation.
- Internal Changes by Stanford University IT
-
Networking - Disable macOS MAC Address Randomization/Rotation on Stanford Wi-Fi and eduroam Wi-Fi
September 15, 2024
- Before Apple's macOS 15 Sequoia release on September 16, 2024, configure Jamf Pro to deploy profiles that set "Private Wi-Fi address" to "Off"
- Disabling this feature on macOS 15+ computers for Stanford or eduroam Wi-Fi networks aligns with Jamf-enrolled mobile devices (e.g. iPhones) also prevented from randomizing their MAC addresses
- Preventing MAC address randomization streamlines the Stanford Network Registration process by eliminating the need for repeat registrations
Performance - No longer including unmanaged certificates in Jamf inventory (ADJUSTED)
August 29, 2024
This is an adjustment to the July 11, 2024 unmanaged certificate collection change
- Unmanaged certificate collection for Mobile Devices has been re-enabled as a requirement for mobile device Cardinal Key certificate reporting in MyDevices
- Unmanaged certificate collection for Computers remains disabled, because we use a unique method for computer Cardinal Key certificate reporting
- Jamf assured us of no performance degradation related to re-enabling Mobile Device unmanaged certificate collection
Bulk Action/Automation Enabled - Deploy Self Heal (Framework Redeploy) to Non-Communicative Computers
July 18, 2024
- Deployed Self Heal to devices which haven't checked-in or sent inventory for 355 days
- This work was done in order to remediate a possible bug where the Jamf Binary stops working properly but the MDM Profile is working on an active device
- Automation deployed to continuously deploy to devices as they meet the aformentioned criteria
Performance/Bug - Shorten Computer Inventory Retention History
July 12, 2024
- Jamf will be set to retain Computer Inventory data for 1 week, instead of 3 months
- This setting is being reinstated after our Jamf Pro 11.6.1 upgrade on July 10, 2024 set the value back to 3 months from its expected setting of 1 week
- This is necessary to reduce database load and storage requirements incurred by long retentions periods
Performance - No longer including unmanaged certificates in Jamf inventory
July 11, 2024
- Jamf will no longer include unmanaged certificate information in Jamf inventory data collected for every computer and mobile device
- This will alleviate the database load and storage requirements created by devices with over 1,000 certificates otherwise captured in their Jamf inventory data
Performance - Scaled our server settings in line with Stanford reaching a device count tipping point
July 10, 2024
- Jamf will only retain computer policy (e.g. automated application installation) history for 1 month, instead of 3 months
- This change is by Jamf's recommendation to optimize our server's ability to reliably manage of our device population size and automation use cases
Security - macOS - CrowdStrike Falcon Sensor installation/removal automations now account for Zoom meetings in session
June 6, 2024
- Jamf no longer proceeds with CrowdStrike Falcon Sensor installation/removal, if a Zoom session is detected
- Jamf will now defer automated Falcon Sensor installation/removal to another time when neither a VPN session nor Zoom session are detected
- This is to avoid unexpected disruptions to network connectivity while VPN is in use and/or while in a Zoom meeting
Setup Assistant - macOS - Removed Automated Device Enrollment (ADE) pane warning of the computer account creation bug
June 2, 2024
- The ADE pane entitled "Stanford University - Device Enrollment - Important Message" has been removed, no longer appearing just before Stanford SSO login during setup of macOS
- This message was only necessary to warn of the possibliity of macOS skipping the prompt to create a computer account due to a Jamf Pro 10 bug; this is now fixed with our upgrade to Jamf Pro 11
- The new duplicated default PreStage Enrollments created as a work-around for this bug are no longer default; the original PreStage Enrollments were reinstated as the defaults
Maintenance - Renewed/replaced Jamf enrollment certificate for MDM Profile ("Stanford Device Management")
February 28, 2024
- For those with an expired date for the device-enrollment.stanford.edu certificate, it can be ignored; and the “Unverified” status does NOT affect Jamf functionality whatsoever. It also has no impact on device compliance.
- If the "Unverified" status is concerning for any reason you can submit a ticket to discuss options with EED.
Security - macOS - Discontinued automatic disablement of Cisco AnyConnect Socket Filter (SOM Site)
February 7, 2024
- In the School of Medicine's SOM Site, Jamf no longer automatically disables Cisco's AnyConnect Socket Filter -- formerly the cause of macOS network instability most prominently in 2022
- Disabling the Cisco AnyConnect Socket Filter is also no longer a prerequisite to receive Jamf's automated CrowdStrike Falcon Sensor installation
Security - macOS - Discontinued automatic deployment of CrowdStrike Falcon Sensor to macOS 11 (Big Sur)
December 20, 2023
- Jamf no longer automatically deploys CrowdStrike's Falcon Sensor to macOS 11 (Big Sur) as of today
- This aligns with CrowdStrike (i.e. the vendor) ending support for macOS 11 (Big Sur) by the end of 2023
Performance - Shorten Computer and Mobile Device Management History
December 8, 2023
- Jamf will only retain Computer and Mobile Device Management log history (related to APNs commands) for 1 month, instead of 3 months
- Required to reduce a significant source of database table size bloat, increasing overall service performance and reliability
Fix - macOS - Resolved Setup Assistant's missing Computer Account creation screen
November 14, 2023
- Through 2023, we experienced an increasingly high incidence of the "Create a Computer Account" screen's failure to display during Setup Assistant
- After discontinuing the creation of Jamf's deprecated "management account" upon computer enrollment, macOS now consistently presents its "Create a Computer Account" screen during Setup Assistant
Performance - Scaled our server settings in line with Stanford reaching a device count tipping point
November 1, 2023
- Computers will poll for pending Jamf automations every 30 minutes, instead of every 15 minutes -- some may know this as the Jamf computer "Recurring Check-in Frequency"
- Jamf will only retain computer policy (e.g. automated application installation) history for 3 months, instead of 1 year
- The changes above are by Jamf's recommendation to optimize our server's ability to reliably manage of our device population size and automation use cases
Bug - macOS - Communicated persistence of Setup Assistant's missing Computer Account creation screen
October 26, 2023
- Updated our messaging (e.g. this Jamf FAQ item) to indicate macOS Sonoma has not yet included a fix to the macOS Setup Assistant bug
- We still occassionally do not see the "Create a Computer Account" screen at Setup Assistant completion, and must rely on our interim solution per this Jamf FAQ item
Security - macOS - Discontinued automatic disablement of Cisco AnyConnect Socket Filter
October 18, 2023
- Jamf no longer automatically disables Cisco's AnyConnect Socket Filter, known to be the cause of macOS network disconnections in 2022
- CrowdStrike automations no longer require the Cisco AnyConnect Socket Filter to be disabled before a computer can receive an automated Falcon Sensor installation
Security - macOS - Automations updated to target macOS Sonoma 14
October 12, 2023
- Updated CrowdStrike automations to target macOS Sonoma -- Cardinal Protect computers includedCompliance - macOS - Incorporated additional intelligence into the Nudge experience
September 29, 2023
- Enhanced our Nudge automations by introducing intelligence gathering on the health of macOS' Software Update service
- Incorporated our ability to only display Nudge when macOS' Software Update is "healthy" and likely to display accurate update information
- Vendor Changes by Jamf Cloud Team
-
Jamf Cloud Version Upgrade to Jamf Pro 11.9.1
September 15, 2024
- Enables our ability to manage macOS 15 Sequoia's "Private Wi-Fi address" feature
- Introduces additional database enhancements for improved server performance and reliability
Jamf Cloud Version Upgrade to Jamf Pro 11.6.1
July 10, 2024
- Jamf Cloud version 11.6.1 fixes the following high-visibility bugs:
- Attempting to install an MDM profile over an existing one -- as a troubleshooting method -- causes a computer to become "Unmanaged" (exacerbating whatever Jamf issue the person may have been trying to resolve)
- Viewing a computer's "Enrollment Method" property is blank; though the information exists in the Jamf database, it fails to display in the Jamf Cloud console
- Jamf Cloud version 11.6.1 introduces database enhancements resulting in better server performance and reliability
Jamf Cloud Version Upgrade to Jamf Pro 11.4.2, Migration to Modern Infrastructure
June 2, 2024
- The Jamf Cloud Team upgraded our Jamf Cloud instance to version 11.4.2, then moved it to their modern (Kubernetes) infrastructure.
- Jamf Cloud version 11 enables our access to the latest Jamf and Apple MDM management features (e.g. Declarative Device Management, Jamf Remote Assist, ...).
- Their modern infrastructure brings us a more resilient Jamf experience with automatic scaling of resources upon changes to server load.
Jamf Cloud Database Preventative Maintenance
December 3, 2023
- To maintain overall service availability and responsiveness, the Jamf Cloud Team will trim over-sized database tables down to more manageable sizes.
Jamf Cloud Database Server Upgrade
November 18, 2023
- To improve performance and overall reliability of our Jamf Pro Database Server the Jamf Cloud Team added additional system resources.
Jamf Cloud Upgrade - Version 10.50
October 22, 2023
- Initial support for features of macOS Sonoma 14, iOS 17, iPadOS 17, tvOS 17
- Introduces our ability to work around the Computer Account creation bug related to the unresolved Mac Setup Assistant problem
- Jamf documentation for version-specific enhancements, removals, and resolved issues
-
New Features and Enhancements
Deprecations and Removals
Resolved Issues