It should be easy to actually find it in searches though. Post back if you need pointers to the discussions that cover this process. app from the App Store and typically a one line shell command. Lastly, are you up to speed on the easiest method for wiping and reinstalling the OS on these Macs? It's a pretty simple process when using the Install macOS. Usually making sure those Re-enrollment settings are all enabled and having properly scoped profiles and policies in place, re-enrollment (thru DEP) works just fine. ![]() ![]() I've seen some people here swear by that process, but I've never run into an issue where I needed to do that. In my experience, it's usually not necessary to delete the computer record from Jamf before wiping/re-enrolling. But it sounds like you're already aware of and on top of that piece. I'd say one of the most common issues I've seen people have where devices don't get enrolled or don't get the settings they expect, is because they forgot to scope them to a Prestage Enrollment. Without them being assigned to a Prestage, they won't get picked up after enrollment for getting various profiles and other options applied to them. These problems can be avoided with the proper Smart Groups set up for them, but it's extra up front work, so just some things to keep in mind.Īs for other things to look at, I would double check that all or any Macs you are looking at wiping and resetting up are scoped to a Prestage Enrollment of your choosing. If you manually re-enroll a device, like thru the User Initiated Enrollment page, those policies will end up running again on the Mac, even if it hasn't been wiped. But keep in mind there is a pitfall to that approach as well. Personally, I think its best to set all those options to clear on re-enrollment. For example, any policies using a "Once per computer" frequency, no matter how anything else in the policy is set up, will NOT run again on the device if it ran previously, unless you enable the option to clear all policy logs (or you manually clear them beforehand) If OTOH, a policy is set to use a Smart Group looking for the absence of something (like an application) and the policy is set to Ongoing, then it should run again after being wiped, since the device will by default land in the Smart Group scoped to the policy. This is dependent on how the Jamf policy/policies are set up of course. Automated Device Enrollment is one of the methods in which a computer can achieve a User Approved MDM status in Jamf School. This is the enrollment method recommended by Apple. Without those enabled, when a device gets wiped/reinstalled and re-enrolled, some of your policies may not re-run on the device. Administrator Automated Device Enrollment (formerly DEP) allows you to automate the enrollment process and prevent users from removing the MDM profile from the devices. ![]() Since it looks like no-one has answered your question yet, I'll take a shot at it.įirst off, you should enable all or most of the options you referenced in the Re-enrollment section of your Jamf Pro server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |