We use a product called Tanium for asset management.  There is a macOS client and I would like to be able to push it to all macOS devices. So far, i'm not having much luck.    Anyone out there ever successfully done this? ... View more

We recently setup AD integration on an MX for the purpose of enrolling a user's BYOD Android device.  We can make it work, but, the issue we run into is this:  When we create Android configuration setting, we can ONLY get it to work if we use the "Owner Email" and "Owner Username" as the values for their respective keys.   The problem with that is that the AD sync process only sets the user name as username@domain.com which is replicated as the email address.  Unfortunately, we use firstname.lastname@domain.com as our email address format.  Further, to successfully login, the user name must be in the format of domain\username which is not what the AD sync sets as the owner username.   We tried using setting the key value type to TXT and using variables of $emailaddress$ and $username$ as the instructions indicated was possible but, either we did it wrong or it just doesn't work as designed.   At this point, we're stuck with having to manually adjust the owner information to get Androids to work.  iOS devices do not have this issue as you can set the domain information in the apple mail settings profile.   Any ideas/guidance would be appreciated. ... View more

We recently setup AD integration on one of our MX's to leverage that for user enrollment of their BYOD devices (Apple or Android).  We have it working (for the most part) but have noted that it automatically pulls all of the user's Active Directory Group tags into the device's profile.     These are unnecessary for our deployment.    Does anybody have a clue on how we can prevent those tags from being pulled in?  Truthfully, we don't need any of the AD groups to sync. ... View more