Usage guide: Lock macOS device

The Workflow: Lock macOS device library pack enables EUC teams to:

  • Accelerate response time to secure lost or stolen macOS devices, minimizing security risks and potential data breaches.

  • Reduce the manual workload and potential for human error associated with locking down lost or stolen devices, ensuring greater reliability and consistency in incident handling.

Library pack uses

Use the library pack content for the following purposes.

Visibility

This library pack focuses on the Lock macOS device workflow. It enables L1 agents to quickly and effectively lock lost or stolen macOS corporate devices managed through Jamf Pro.

An ITSM ticket is updated at each step of this process.

Workflow triggering

This workflow is intended to be launched on a specific device during a call with an employee or in response to an issue raised by an employee with a stolen or lost corporate macOS device. This can be achieved using device view or from Amplify. The workflow uses the Incident number parameter to track progress.

An ITSM ticket should be raised before launching the workflow, as it will be updated during its operation.

Workflow parameters: This workflow has two parameters, Incident number and Lock PIN number.

  • Incident number: This ITSM ticket reference will be used throughout the workflow as information is added. It should be entered manually when the workflow is executed.

  • Lock PIN number: The value of this parameter is used to set a 6-digit PIN code required to unlock a device locked by this workflow. It should be entered manually when running the workflow.

Predefined workflow structure and steps

The Lock macOS device workflow is structured in these main steps:

  1. The workflow collects the required details - ticket sys_id and affected device details from this ticket.

    1. The following workflow parameters need to be defined:

      1. Incident number that represents an ITSM ticket created by an L1 agent or employee.

      2. Lock PIN number, which is used to set a 6-digit PIN code required to unlock a device locked by this workflow.

The workflow collects the required details - ticket sys_id and affected device details

The workflow starts by retrieving the ITSM ticket sys_id based on the provided Incident Ticket Number and validates the result of this retrieval. If the ticket sys_id cannot be retrieved, the workflow terminates. If retrieval succeeds, the workflow retrieves the affected device details from Jamf Pro and validates the result. If the device details cannot be retrieved, the workflow terminates. The results of both actions are logged in an ITSM ticket.

The workflow sends the lock command to the specified device

If the previous step was successfully completed, the workflow proceeds to issue the lock command to the target device using the Jamf Pro agent via the Jamf Pro API. The workflow then pauses for 10 minutes before proceeding to the next step.

The workflow checks whether the target device has received and acknowledged the lock command and updates the ticket accordingly

Finally, the workflow attempts to retrieve the applied command details and checks if the retrieval was successful. If not, the workflow updates the ticket and exits. Otherwise, it checks the command details to confirm that the device has received and acknowledged the command, meaning that the target device has been locked. The workflow then updates the ticket with the results of these checks and exits.
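The decision points of the three steps above, as an added Python example (not the library pack's own implementation and not Jamf Pro API code). The `Ticket` and `FakeMdm` classes, the lookup dictionaries, the outcome strings and the `Acknowledged` status value are assumptions made for illustration; checking the PIN format up front and keeping the PIN out of ticket notes are choices of this example.

```python
import re
from dataclasses import dataclass, field

@dataclass
class Ticket:                      # stand-in for the ITSM ticket and its work notes
    sys_id: str
    notes: list = field(default_factory=list)

class FakeMdm:                     # constructed stand-in for the MDM server, not Jamf's API
    def __init__(self, status_after_wait):
        self.status_after_wait, self.sent = status_after_wait, []
    def send_lock(self, device_id, pin):
        self.sent.append(device_id)
        return "cmd-1"             # constructed command identifier
    def command_status(self, command_id):
        return self.status_after_wait   # None models a failed retrieval

def run_lock_workflow(incident, pin, device_name, tickets, devices, mdm, wait=lambda: None):
    """Walk the three stages; return (outcome, ticket or None)."""
    if not re.fullmatch(r"[0-9]{6}", pin):        # 6-digit PIN, checked before any command is sent
        return "rejected: PIN must be exactly 6 digits", None
    ticket = tickets.get(incident)
    if ticket is None:                            # no sys_id: nothing to log to, stop here
        return "terminated: ticket sys_id not found", None
    device_id = devices.get(device_name)
    if device_id is None:
        ticket.notes.append("Device details could not be retrieved; workflow terminated.")
        return "terminated: device not found", ticket
    ticket.notes.append(f"Ticket and device {device_name} resolved.")
    command_id = mdm.send_lock(device_id, pin)
    ticket.notes.append("Lock command issued.")   # the PIN itself is not written to the ticket
    wait()                                        # the workflow pauses 10 minutes at this point
    status = mdm.command_status(command_id)
    if status is None:
        ticket.notes.append("Command details could not be retrieved.")
        return "unknown: command details unavailable", ticket
    if status == "Acknowledged":                  # assumed status string for a confirmed lock
        ticket.notes.append("Device acknowledged the lock command; device is locked.")
        return "locked", ticket
    # Any other status means the lock is unconfirmed, e.g. the device has not checked in yet.
    ticket.notes.append(f"Lock not confirmed (status: {status}); follow up on the ticket.")
    return "not confirmed", ticket
```

Only the acknowledged branch ends with a locked device; the other outcomes leave the ticket open for an L1 agent to follow up.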

