Fortinet black logo

Configuring Jamf integration

Copy Link
Copy Doc ID a528a021-e577-11e9-8977-00505692583a:691222
Download PDF

Configuring Jamf integration

To configure integration between Jamf and FortiClient iOS:
  1. In Jamf, go to All Settings. Configure the settings in SMTP Server and Push Certificates.

  2. Go to Global Management, and enable User-Initiated Enrollment.

  3. Go to Mobile Device Apps and add FortiClient from the App Store or by uploading it.

  4. Configure how the app is installed.

  5. Add App Configuration for FortiClient iOS. This enables FortiClient iOS to read the MAC address and UDID from the iOS device. FortiClient sends this information to EMS. Supported keys include the following:

    Key

    Description

    mac_address

    The iOS device's MAC address.

    udid

    The iOS device's UDID.

    group_tag

    This value is used as a group tag for configuration in EMS. In the example below, the string "field_engineer" is used as a group tag, which is used when FortiClient iOS initially connects to EMS. See Group assignment rules in the FortiClient EMS Administration Guide.

  6. Configure a configuration profile:
    1. Go to Configuration Profiles and add a configuration profile.

    2. Under Options, select Content Filter. Add a content filter to point to the desired EMS.

    3. Enable Single App Mode for FortiClient. Single app mode launches the FortiClient app and connects it to EMS. If FortiClient is not launched in single app mode, it does not connect to EMS.

  7. Enroll the device:
    1. Go to Devices > Enrollment Invitations, then send an enrollment invitation to the device.

    2. Enroll the device.

  8. When the device is enrolled, FortiClient iOS automatically connects to on-premise EMS or FortiClient Cloud, depending on the configuration. Once FortiClient iOS is connected to EMS, disable single app mode for the device. Keep the EMS URL in the Content Filter section.

    The below shows the on-premise EMS GUI after FortiClient iOS connects Telemetry.

Configuring Jamf integration

To configure integration between Jamf and FortiClient iOS:
  1. In Jamf, go to All Settings. Configure the settings in SMTP Server and Push Certificates.

  2. Go to Global Management, and enable User-Initiated Enrollment.

  3. Go to Mobile Device Apps and add FortiClient from the App Store or by uploading it.

  4. Configure how the app is installed.

  5. Add App Configuration for FortiClient iOS. This enables FortiClient iOS to read the MAC address and UDID from the iOS device. FortiClient sends this information to EMS. Supported keys include the following:

    Key

    Description

    mac_address

    The iOS device's MAC address.

    udid

    The iOS device's UDID.

    group_tag

    This value is used as a group tag for configuration in EMS. In the example below, the string "field_engineer" is used as a group tag, which is used when FortiClient iOS initially connects to EMS. See Group assignment rules in the FortiClient EMS Administration Guide.

  6. Configure a configuration profile:
    1. Go to Configuration Profiles and add a configuration profile.

    2. Under Options, select Content Filter. Add a content filter to point to the desired EMS.

    3. Enable Single App Mode for FortiClient. Single app mode launches the FortiClient app and connects it to EMS. If FortiClient is not launched in single app mode, it does not connect to EMS.

  7. Enroll the device:
    1. Go to Devices > Enrollment Invitations, then send an enrollment invitation to the device.

    2. Enroll the device.

  8. When the device is enrolled, FortiClient iOS automatically connects to on-premise EMS or FortiClient Cloud, depending on the configuration. Once FortiClient iOS is connected to EMS, disable single app mode for the device. Keep the EMS URL in the Content Filter section.

    The below shows the on-premise EMS GUI after FortiClient iOS connects Telemetry.