Usage guide: Jamf agent health

Introduction

This library pack helps you monitor the presence, health, compliance, and status of Jamf agents on macOS devices in real-time with an all-in-one dashboard to detect issues such as agent health or missing agents.

Please keep in mind this is a guide and represents just some of the potential insight and actions you can take. There are many use cases and specific troubleshooting scenarios that you might uncover in your environment.

Ensure your library pack is properly configured by following the steps highlighted in its configuration guide:

Configuration guide: Jamf agent health

Pack structure

Overview of the Jamf agent environment

The "Jamf agent health" live dashboard acts as the central point of this library pack. With this dashboard, you can quickly identify devices that have agent health issues, are out of date, or even have no agent.

Use cases

Monitor and troubleshoot Jamf agent adoption

The Jamf status section helps identify devices that do not have the Jamf фgent installed or are not running the Jamf фgent and require urgent attention, as these devices may not be in compliance with corporate policies and may pose security risks.

To ensure that all managed macOS devices have the Jamf agent installed and running, the following remediation steps are suggested:

1. Ensure network connectivity between endpoints and all Jamf Server components.

2. Check your Jamf agent deployment policy.

Monitor and troubleshoot device enrollment issues

The Jamf profile status section helps identify devices that are not enrolled in Jamf, or are enrolled without the use of Jamf Automated Device Enrollment (ADE). This may indicate Jamf configuration issues or gaps in the device procurement process.

To ensure that all managed macOS devices are enrolled with Jamf using the correct enrollment method, the following checks are suggested:

1. Ensure network connectivity between endpoints and all Jamf Server components.

2. Ensure that the desired Jamf enrollment method is enabled and properly configured on the Jamf tenant side.

3. Check the enrollment method

For ADE enrollment, ensure the following components are present and correct on the Jamf side:

• Apple Push Notification Service (APNs) certificate

• Device assignment to Jamf in Apple Business Manager (ABM) or Apple School Manager (ASM)

• Presence of prestage enrollment profile.

For user-initiated enrollment, make sure the following components are present and correct on the Jamf side:

• Apple Push Notification Service (APNs) certificate

• Enrollment URL

• User enrollment MDM profile.

Assess and troubleshoot Jamf agent connectivity

The Connectivity section indicates devices that have problems connecting to Jamf Server and its required components, which may pose risks due to possible non-compliance of these devices.

To troubleshoot Jamf-managed devices that are having trouble communicating with Apple Push Notification Service (APNS) or the Jamf server, the following checks are suggested:

1. Ensure network connectivity between endpoints and all Jamf Server components.

2. The presence and validity of an Apple Push Notification Service (APNs) certificate.

RELATED TOPICS

• Live dashboard

• Manage Remote Actions