You can migrate macOS devices that are managed by Kandji’s Mobile Device Management (MDM) to JumpCloud’s MDM. JumpCloud’s Admin Portal lets you manage not only your Apple devices, but also Windows and Linux devices in one place to centralize and streamline device management.
The Kandji-managed devices must have been enrolled in Apple’s Automated Device Enrollment with Apple Business Manager (ABM) or Apple School Manager (ASM) before they can be migrated to JumpCloud. After the agent is installed, if a device has an MDM enrollment profile already installed, you’ll use Kandji to remove the device’s enrollment and uninstall Kandji. You’ll then unassign the device in ABM and reassign it to JumpCloud’s MDM, and push the new enrollment profile to the device.
To migrate an Automated Device Enrollment-enrolled device to JumpCloud MDM:
The screens in this procedure are taken from ABM’s 2021 Beta software.
- Install the JumpCloud agent on the device using Kandji’s PKG installer. See the Kandji documentation for more detail. After that, install a Privacy Preferences Policy Control (PPPC) profile for JumpCloud, using the settings described in Granting Full Disk Access Permissions to the JumpCloud Agent for MacOS.
- Confirm that the device appears in the Devices List in the JumpCloud Admin Portal.
- Using Kandji, remove the device from Kandji. See the instructions in the Kandji documentation.
- Unassign the device from your ABM or Apple School Manager (ASM) account:
- Log into your ABM or ASM account.
- Click Devices in the sidebar and select your device.
- Click Edit MDM Server.
- Select Unassign from the current MDM and click Continue.
- Click Continue again.
- Reassign the device to JumpCloud’s MDM Server:
- In ABM or ASM, click Devices in the sidebar and select your device.
- Click Edit MDM Server.
- Select Assign to the following MDM and choose the JumpCloud MDM Server from the list.
- Click Continue and then click Continue again.
- Create a new JumpCloud command to enroll macOS devices in JumpCloud MDM:
- Log in to the JumpCloud Admin Portal: https://console.jumpcloud.com/login.
- Go to USER MANAGEMENT > Users.
- Click ( + ), then follow the instructions in Get Started: Commands to create a new command and name it appropriately (for example, Enroll in JC MDM).
- For Run As, select root.
- Select Mac.
- Enter this in the Command field:
# !/bin/bash
profiles renew -type enrollment - For Event, select Run Manually.
- Select the Devices tab and select the device where you want to run this command.
- Click save.
- Run the command to push the enrollment profile to the device:
- In the Command List, select the check box next to the command you just created.
- Click run now.
- Instruct the user to accept the new enrollment profile on the device.