Please share with the community what you think needs improvement with Jamf Pro.
What are its weaknesses? What would you like to see changed in a future version?
The reporting with PowerBI could be improved.
The self Service UI needs some real improvement; they recently revamped the app, but I don't know if those changes have been for the better. The App Store deployments are incredibly unreliable, however, I think this might be more of an Apple issue than a Jamf issue. The patch feeds are quite extensive. I would like to see the ability to create custom patch definitions and host those directly in Jamf Pro. It's not specific to the product, however, I wish Jamf was more communicative/responsive to the feature requests section of Jamf Nation. They don't need to approve all of the requests, but offering response/feedback/status would be greatly appreciated by the community.
Every once in a blue moon, we wind up with a rarely-seen superbug that takes support weeks to months to solve. The good news is that they are rare and not across the platform. Just us.
One of the big areas in need of improvement is automated device naming for computers. You can do this via mobile devices in the pre-stage but not for computers. Having the ability to assign devices to a specific pre-stage enrollment group, and having said group identify all of the systems via a specific prefix/suffix, would benefit us a lot and keep better consistency when it comes to users' machine names. Improved Patch Management is something that is in the works, I know, but having access to more applications or even improving the method to organizing/configuring patch management will be beneficial. Currently, setting it up is a painful process.
The patch management is not automated in any way, and you have to do a lot of manual work to upload the current version of applications. In some cases, you have to repackage it before uploading it. This means that it's a lot of manual work before you can apply the patch policies to clients.
The on-going improvements & innovation that Jamf provides over time is something that needs to be maintained, as it is what is needed to fulfill a business & team need at the right time.
I believe they should be able to add touch IDs for the admin, which would allow for adding the IT team's fingerprints to the scope and set it up to get into the computers quicker. It will be very helpful if we could restore users after they have been removed from Jamf because I have some cases of deleting a computer before unlocking it.
I would like to see tighter integration with Jamf Protect in the future releases of Jamf Pro. It has been a great system that allows us to know what is happening on all of our OS X Devices. Jamf as a whole has come a long way and maybe more of an integration between the entire suite of Jamf products would be helpful. Login info from Jamf Connect in the Jamf dashboard could be helpful but for the most part, we have nothing to complain about with our Jamf system.
Knowledgebase articles should be introduced in Jamf Pro. Light and dark background features should be included while logging in to Jamf Pro. The Jamf training curriculum needs to be revisited, especially 400. Jamf should give the option to download individual device policy logs, as this capability would really help to diagnose issues. NoMAD is a really powerful tool and Jamf should have a dedicated support queue for NoMAD issues. Jamf should create an inbuilt policy in case the user obtains a device, it should enroll the device automatically. The Jamf Reset app is helpful but it’s only available only for iOS. Likewise, we should have the Jamf Reset app on macOS.
The integrated patch feature is good but needs some tweaking. As of now, there is no option for the user to defer the installation of a patch. You can either give them the option to install the patch through self-service, which needs an active part of the user to do it, or you can force the installation. However, with the force of the installation, there is potential data loss, because an App that you want to patch needs to be closed for it to work. The information explaining that the app will be closed for patching is almost not noticeable for the user. Therefore we do no use the integrated patch management technology and build our own logic to work around it.
I would like to see more robust reporting options for data. Right now there are data points you can configure on your login screen to monitor system health, device health, battery charge, OS versions, lost devices, etc., but there are no real reports you can run about device updates, maintenance, user metrics, etc. I would like to see either a report section or an integration with a new reporting module to allow us to pull real metrics from the system easily. This will facilitate IT's ability to say, hey, budget people, here's why we need this.
The reporting needs to be improved so that generating them is more user-friendly. The reporting should have more of a graphical interface. For example, if you want to create a report on how many computers have been checked in the past 30 days you can produce it. However, it is not something that you'd like to give to a CIO. It will export data into a spreadsheet, but executives don't want to look at spreadsheets. Rather, they want to look at bar graphs, charts, and visuals with percentages. The prices are expensive and should be reduced. When we paid for training, we could not have all five people training at one time. I thought that if we were paying $18,000 USD then we could have everybody training at once. However, this is not the case and it doesn't make sense to me. The response time for technical support could be better.
The product is pretty good as-is, but if anything could be improved I would say the UI could perhaps be a bit simpler. A mobile app to complement the web-based version, to perform specific tasks, would be nice to have - a good example of what I mean is the "Pulseway" MDM for Windows, they have a very useful and user-friendly mobile app. I use that mobile app to do simple things like reboot/update user machines, push out policies, etc. Other than all that, a little more person to person training when onboarding, included with the purchase perhaps.
Patch Management needs work to be efficient. Cost is also a factor, given Jamf has a full feature set; however, it's pricey.
I wish the inventory would have its own pane without having to do it as a search. Hopefully coming soon! Sometimes, I would just like to browse our fleet and can feel that the extra step of doing a clean search is a bit unnecessary. With that said, it's not hard to do it the way it is now. Maybe this is just as good of a solution for this and I just need some time to get used to it. The same goes for the user inventory. I would also appreciate even more included attributes, and this is probably something you could never get enough of.
It would be great if we get an email notification when the Mac users install any apps, so IT can be alerted.
One of the included Jamf Applications, Jamf Remote, is somewhat flaky. It's never worked for me when I've tried to access a remote device that is not on the same network, so the one thing that I would like to see improved/implemented is remote support and I believe Jamf have something in the pipeline. The ability to provide remote support access to end user devices, preferably in a similar manner to Apple Remote Desktop (ARD), Desktop Central's solution or Teamviewer.
The solution should offer beta testing for new products. The solution needs more demos for when new releases come out to help us understand the changes and how to use new features.
I've been thinking about improvement and I think it would be much advantageous to have some sort of remote desktop application that could be implemented to help the remote workforce during the Work From Home times. Also, I think that there should be some sort of mobile app that will help you manage the devices from an iOS device quickly in case some times you cannot be at your computer. I think that there should also be more integrations with Jamf that could better the intelligence-gathering when making business decisions.
Sadly, my environment is closed off from the internet so I cannot benefit from all the tools, but with what I can use, I can only say that I would love to see a more customizable dashboard. In my agency and department, I use tons of tools for scanning, remediation, and reporting. Tools like ACAS and McAfee HBSS have very detailed dashboards if you wish to view more. As stated prior, with reporting being vital, having more detailed, customizable reports that offer graphs, percentages, etc can be useful when looking for quick glance of status when you may not have the time for generating a detailed report. I would love a bit more of government customer support and reach out. There is a ton of support for the educational fields, understandably, but I would love to see a small team also dedicated to government support.
I think that some of the feature requests on Jamf Nation have been sitting out there for a long time with no movement, showing as 'planned' for a really long time, and nothing seems to ever become of them. That is disheartening, but if it is an easy fix it gets done, and if it would benefit a wide variety of users they work to get it done. Technical support is in need of improvement.
The only thing I sometimes struggle with is file management of our packages which resided on the Cloud instance of the file repository. Jamf doesn't make the Cloud file system visible so there are rare occasions where the local repository and Cloud repository get out of sync. This is a minor issue, however. The few times that this has ever caused problems for me, I was able to reach out to Jamf support and during a quick phone call, the tech support team was able to identify my issue and offer a quick solution.
Some improvement can be made in the customer service realm, while also making additional training level courses available for online study and exam-taking. For example, exams at the 200 level.
I would like to be able to see what policies and configuration profiles are tied to what Smart/Static groups. I would like some of the management features available for mobile devices to also be available for computers using the web interface. I would also like to go back to the days where I had one dedicated support rep to contact.
I would love to see an integrated ticketing system built-in, better reporting templates to help analyze the data (software usage, etc.), and integration with FREE SSL Cert (letsencrypt.org) with auto-renewal. Wishful thinking on that last one because Jamf recently acquired DigiCert. One can only hope.
An in-house chat room would be a great way to communicate with your team when you aren't physically present with them. Also, the ability to add notes on devices, so that a history can be shown as to why a user has done certain things, such as their troubleshooting process or just general thoughts.
I can think of only two ways that Jamf could be improved for us at the moment. Primarily by adding the ability to schedule policies for devices. The ability to ask a device to run a policy regularly would be a real advantage. The other thing would be the ability to brand the Jamf admin portal to match the rest of the organization.
A more modern UI in the next release will make the product absolutely perfect.
The cloud version sometimes gets a little slow and https:// is always required when entering the URL. There is still no feature for properly patching T2 Security Chip-enabled Macs. Admins must set up custom-built scripts to get around this functionality miss. Apart from that, it's good.
This solution would benefit from more focus on Self Service, such as Office 365 and GSuite integration. At the moment, if you want to display cloud-hosted content in the Self Service app for distribution to all staff then you have to add it as a web link (it’s a little clunky). Direct integration would make this better.
I would love for it to be able to be the only management tool of my organization. If it could do ticketing and non-Apple devices then that would be huge. The setup could be made a lot easier, too. Currently, it takes a full day of work to troubleshoot database issues.
I think that the zero-touch enrolment could be improved. I would like to have the ability to push scripts using MDM commands.
I wish there was a profile that could be created for configuring Apple software updates on a global basis for our devices, via a configuration profile.
Why is one better than the other?