Creating Context-Aware Access Smart Groups

This smart group should contain all the computers that need access to company resources, regardless of whether they are compliant or not.

This smart group should contain the computers that must meet specific criteria to be considered compliant. For example, the criteria could be meeting macOS version requirements, or the presence of a certain application.

Best Practice:

Creating a Compliance Group for macOS

When creating the compliance group for macOS, add the criteria that computers must have to be considered compliant. For example, you may want to include the following criteria:

• Operating System Version

• Last Inventory Update

• FileVault Status

Jamf recommends selecting Send email notification on membership change when creating the Compliance Group to be notified when a computer falls out of compliance.

This smart group should contain all the mobile devices that need access to company resources, regardless of whether they are compliant or not.

This smart group should contain the mobile devices that must meet specific criteria to be considered compliant. For example, the criteria could be meeting iOS version requirements, or the presence of a certain application.

Best Practice:

Creating a Compliance Group for iOS or iPadOS

When creating the compliance group for iOS or iPadOS, add the criteria that mobile devices must have to be considered compliant. For example, you may want to include the following criteria:

• iOS/iPadOS Version

• Jailbreak Detected

• Last Backup

• Passcode Status

Jamf recommends selecting Send email notification on membership change when creating the smart device group to be notified when a device falls out of compliance.