...
By Texas state law, all state-owned computers must either us use encryption to protect user data stored on the device, or the computer must be configured so that it does not retain any user data.
...
NOTE: When delivering a LAITS provisioned FileVault enabled device it will be necessary to login with the first deploy user account, boot macOS, and then logout in order to enable JAMF Connect to be used by the new user. On single user computers once the new users account is created the deploy user account is removed from the machine.
Off Campus Internet Considerations
While not exhaustive, we have tested numerous WiFi connections that are off campus and found that all of the ones we have tried (protected and public) have worked properly using the WiFi connectivity interface within the JAMF Connect login application.
Our Faculty and Staff implementation of JAMF Connect
Our On campusour LAITS Faculty Faculty and Staff implementation of JAMF Connect leverages a configuration profile for WiFi that allows the machine to connect to the UTEXAS wireless SSID in order to facilitate the new user authenticating with JAMF Connect and setting up their user account on the computer. Once the deployment is complete that configuration profile is removed from the device and is no longer needed as the user will be added to the approved FileVault users list.New machines that use an the utguest wireless SSID to give the computer temporary internet access long enough to allow the first user to authenticate on the machine and establish their user account. Once their user account is created the computer forcibly drops the utguest SSID and prompts the user to join the utexas SSID which is more appropriate and allows them access to UT faculty/staff network resources.
Newmachines that use a wired Ethernet connection for internet connectivity will simple ignore the WiFi profile as it is not needednot need to use WIFI connectivity.
Our Research implementation of JAMF Connect
Our LAITS On campus our LAITS Research implementation of JAMF Connect leverages a configuration profile for WiFi that allows the machine to connect to the UTEXASutexas-IOT iot wireless SSID in order to facilitate the new user authenticating with JAMF Connect and setting up their user account on the computer. Once the login is completed the WiFi connection to the UTEXAS-IOT SSID is dropped and the machine joins the UTEXAS SSID. First time users will be asked for their credentials to join the UTEXAS SSID, subsequent logins will automatically swap over with no prompting. This setup requires additional setup in the XMP Network Portal including identifying the computer itself which must be in ISORA, as well as setting up a group Pre-Shared Key for authenticating to the utexas-iot wireless SSID. The machine will then use the utexas-iot wireless SSID anytime a WIFI connection is needed.
New machines that use an a wired Ethernet connection for internet connectivity will simple ignore the WiFi profile as it is not needednot need to use WIFI connectivity.
Our Student Lab and Classroom implementation of JAMF Connect
NOTE: These machines do not have FileVault enabled and therefore macOS boots immediately to the JAMF Connect login window. We use a user profile policy that runs at the login window and is triggered when the previous user logs out to ensure these devices do not retain user data.
Our On campus our LAITS Student Student Lab and Classroom implementation of JAMF Connect leverages a configuration profile for WiFi that allows the machine to connect to the UTEXASutexas-IOT iot wireless SSID in order to facilitate the new user authenticating with JAMF Connect and setting up their user account on the computer. Once the login is completed the WiFi connection to the UTEXAS-IOT SSID is dropped and the machine joins the UTEXAS SSID. Since we use a user profile policy to ensure these devices do not retain user data, users will be asked for their credentials to join the UTEXAS SSID, on EVERY login. For this reason we highly recommend these machines use Ethernet for connectivity whenever possible.New machines that use an . This setup requires additional setup in the XMP Network Portal including identifying the computer itself which must be in ISORA, as well as setting up a group Pre-Shared Key for authenticating to the utexas-iot wireless SSID. The machine will then use the utexas-iot wireless SSID anytime a WIFI connection is needed.
New machines that use a wired Ethernet connection for internet connectivity will simple ignore the WiFi profile as it is not needednot need to use WIFI connectivity.