As part of working with the Jamf Infrastructure Manager (JIM), I wanted to see if I could find a least-privileged way to enroll a JIM with a Jamf Pro server. As it turns out, it’s pretty straightforward. For more details, please see below the jump.
To set up a JIM, three account privileges are required:
Jamf Pro Server Objects: Infrastructure Manager Instances: Create, Read, Update
To set up a user account with the specified privileges, please use the procedure below:
1. Log into your Jamf Pro server using an account with administrator rights.
2. Go into Management: System Settings: Jamf Pro User Accounts & Groups
3. Click the New button.
4. Select Create Standard Account and click the Next button.
5. Set up a new account with the following account privileges:
Infrastructure Manager Instances:
Create, Read, Update
6. Once the new account has been set up and configured as desired, click the Save button.
The account should now be available to help set up new Jamf Infrastructure Manager instances.
