Privilege Zone Rules

Tenant
Tier Zero Principals
Tier One Principals

The following Cypher rules define the default Privilege Zone for the JamfHound extension. Each rule is defined in a JSON file located in the PrivilegeZoneRules directory of the JamfHound repository.

Tenant

Tenant nodes in JAMF Pro.

MATCH (n:jamf_Tenant)
RETURN n

This rule is defined in the tenant.json file.

Tier Zero Principals

Accounts and group principals with ‘Full Access’ administrator privileges in the tenant and ‘SSO’ configuration if enabled.

MATCH (n)
WHERE n.Tier = 0
RETURN n

This rule is defined in the tier0-principals.json file.

Tier One Principals

Other devices and principals without granted tenant administrator permissions.

MATCH (n)
WHERE n.Tier = 1
RETURN n

This rule is defined in the tier1-principals.json file.

Cypher Queries jamf_Account

⌘I

Get Started with BloodHound

Install a Data Collector

Collect Data

OpenGraph

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

Privilege Zone Rules

Tenant

Tier Zero Principals

Tier One Principals

Get Started with BloodHound

Install a Data Collector

Collect Data

OpenGraph

Analyze Attack Path Data

Manage BloodHound

API & Integrations

Resources

​Tenant

​Tier Zero Principals

​Tier One Principals

Tenant

Tier Zero Principals

Tier One Principals