Portrait of Michael Singletary
Michael Singletary
Senior Enterprise Endpoint Management Engineer · Higher Ed

Scaling Mac management through automation, intelligence, and care.

I run Jamf for large higher ed environments - thousands of Macs, different audiences, and the guardrails that keep things secure but not annoying. AI is how I script faster, write better runbooks, and move changes through approvals without slowing down.

Jamf Pro macOS lifecycle Zero-touch / ADE AI-assisted scripting SSO / Duo / Shibboleth CrowdStrike · Tenable
3,000+
Macs in higher ed
98%
Zero-touch enrollment success
40–50%
Ops time saved w/ AI

Recent focus: license hygiene, token/cert refreshes, Jamf SSO rollout, smart groups for DNS/Zoom issues.

What I do

Jamf at scale

Smart groups, controlled OS deferrals, app deployments that behave in labs, zero-touch enrollments that don’t surprise users.

Policy-driven

AI-assisted automation

Use LLMs to draft scripts, summarize logs, write runbooks, and generate change descriptions — then harden for production.

LLM + scripting

Security & compliance

FileVault, bootstrap tokens, Activation Lock, CrowdStrike/Tenable via Jamf, and dashboards to catch drift quicker.

Secure-by-default

Automation & APIs

Shell, zsh, Python, Jamf API to build inventory, cleanup scripts, and “one-click” remediation for common Mac issues.

Bash · Python · Jamf API

Higher ed constraints

Semester turnover, shared labs, loaners, repairs that break ADE, and change control that can’t take down onboarding.

Higher ed ready

Recent impact

Enrollment
Zero-touch for faculty, staff, and labs
Built PreStages and profiles that keep MDM trust intact even through repairs and reassignments.
Security
FileVault + sensor coverage
Smart groups + EAs to find non-reporting or non-escrowed Macs, then target re-escrow or AV/EDR updates only where needed.
LLM-assisted scripting
Faster scripts & change docs
Used AI to generate Jamf policies, CLI scripts, and user-facing instructions - cutting turnaround by almost half. Every script starts with AI, ends with testing — and ships only when it’s proven.
Hygiene
License cleanup + token refresh
Removed stale devices, kept ADE/ASM/VPP/Jamf certs current so big rollouts don’t fail mid-semester.

Mini case studies

DNS diagnostics via Jamf

EA to capture dig and scutil --dns output, then smart groups to target problem Macs (Zoom / BloxOne edge cases).

Jamf EA · networking

Jamf SSO for admins

SSO (Shibboleth/Duo-style) for Jamf accounts to reduce sprawl and unlock Jamf’s newer features safely.

SSO · Duo

Signed, scoped packages

Flow for large apps (GIS, research, creative) to be signed, smoke-tested on small smart groups, then rolled out widely.

Scoped rollouts

License hygiene & reporting

API scripts to prune stale Macs and keep license counts realistic - plus dashboards execs can actually read.

Jamf API · reporting