On Monday, 10/4/2021, an announcement will be sent to all CN and Cosine customers about changes coming for management of OSU-owned Apple devices.
The announcement notifies customers of the following upcoming changes:
- All Apple devices will be enrolled in Microsoft Defender for Endpoint (MDE) for antivirus/antimalware.
- All Apple devices will be enrolled in JAMF for OS and software updates and inventory. (Note: most CN Macs are already in JAMF, but most Cosine and Hatfield computers are not.)
- New Apple devices will be domain-joined and users will login with their ONID account.
- On New Apple devices, users will no longer have local admin, except in specific cases.
- The use of Apple IDs and applications that require Apple IDs will be minimized.
The announcement is going out as a heads up to customers. However, at this time we are not quite ready to join all Macs to Active Directory. In particular, there are some issues with domain joining Big Sur computers. The Infrastructure and Endpoint teams are working on this issue and hope to have it resolved soon.
As we setup new Macs (or “rebuild” existing Macs) we should make sure they have MDE installed, but do not need to domain join them yet. I hope to have an update on that by the end of next week.
I have started an internal FAQ for questions about the “Defend the Macs” project and upcoming changes to Apple device management – let me know what additional questions you have: https://oregonstate.teamdynamix.com/TDClient/1935/Portal/KB/ArticleDet?ID=134596