Skip to main content
All CollectionsTemplatesIntermediate
Compliance - Provide temporary Device Admin to Mac users (JAMF) - Workflow Template
Compliance - Provide temporary Device Admin to Mac users (JAMF) - Workflow Template

Receive a request over Slack for temporary assignment of admin permissions. Get approval from Security channel, update policy on Jamf.

Updated over a week ago

This workflow automates the process of granting temporary admin permissions to Mac users via JAMF, initiated by a Slack request. It begins with verifying the requester's email, then collecting a justification for the admin rights requirement. If a computer is assigned to the user, a Slack Security Channel is prompted for approval. Upon approval, permissions are granted in JAMF, monitored, and later revoked—maintaining compliance and control throughout the process.

Take Me to the Template

Trigger

Slack

Optional Triggers

"Microsoft Teams","Web Hook"

Use Cases

null

Workflow Breakdown

  1. Verify Email address found in Slack

  2. Ask for a reason for the admin rights request

  3. Find computers that are assigned to the user by email address

  4. Ask for approval in the Slack Security Channel

  5. If approved, provide permissions in JAMF, wait and revoke permissions

  6. If denied, notify user via Slack

Vendors

Slack, Utils, HTTP, Jamf

Workflow Output

Success/Failure

Tips

User asks bot \"request-mac-admin\" in Slack to start workflow","Use extended attributes in Jamf with policies to enable admin rights","Jamf policies setup to run when attributes are found with Smart Computer Groups

Related Articles
Request Just-in-Time Access to SSO Applications in JumpCloud - Workflow Template
Request Elevation of Local Admin Privileges in JumpCloud - Workflow Template
Just-In-Time Access to Group Membership in Active Directory - Workflow Template
Handle Wiz Alert for AWS Admin Principals Inactive Over 90 Days - Workflow Template
Just-in-time (JIT) access to Okta Groups via Slack - Workflow Template
Did this answer your question?