Closed astrugatch closed 1 month ago
The endpoints that Jamf Admin used were very old and didn't meet our security standards, which was one of the main reasons for its demise. Transmitting credentials for file share distribution points is insecure by nature since those credentials aren't unique to each user and don't automatically expire. If you do enter credentials incorrectly and store it in the keychain, first close Jamf Sync and then go into the "Keychain Access.app" and search for "jamfsync". That will show all of the keychain items used by Jamf Sync. Find the one labeled "com.jamfsoftware.JamfSync.dp (YourDpUrl)" and delete it. Start Jamf Sync again and when you select that distribution point, it will prompt for the credentials again.
Not planning to do this due to security concerns.
When syncing between an on-prem repo and the JCDS the first time, JamfSync requests the SMB RW password for the share. Is it possible for it to pull this information from the JSS in the same way JamfAdmin currently does? I had an issue where I typo'd the PW for one of my SMB shares and despite pulling it from keychain the share continued to give issues mounting on that system. Removing the human element from the process seems ideal.