![]() Good night and good luck.ĮTA: for the Parallels crew, check out this post on Jamf Nation. Or use an actual physical machine to test. TBH it's probably something we should all do anyway, to ensure consistent testing with VMs. Special characters can wreak havoc on MDM management as well. I would also strongly recommend using vfuse to define a random serial number rather than letting VMware (for this example at least), because vfuse's -s random will make sure special characters are not used. A list of currently-shipping model IDs can be found here. hw-model can be whatever, as long as it's a real Apple model ID. path/to/vfuse -i /path/to/osx_custom_ -o /path/to/save/location/ -s random -hw-model "iMacPro1,1" -n "macOS 10.13.3 mdm tester" Using vfuse to build the VM will look something like this: Fortunately if you're just evaluating user-approved MDM enrollment (not specifically DEP enrollment) for this change in Jamf Pro 10.3 the s/n can be random (though can't include special characters!), but a model ID must be defined. To install Jamf on your Mac hardware device, you will need to launch the Chrome. This is comparable to this post by Ross D about testing DEP with VMs. NOTE: Before enrolling please upgrade your MacBook OS to macOS Ventura. There is a small risk if you do not authenticate as part of enrollment. The user/tech as the user then logs in to Jamf Connect to create the user account. If you use VMs to test, my recommendation is to use AutoDMG+vfuse to build it. So, the tech authenticates before enrollment (we use an LDAP screen as part of Enrollment Customization for ADE and require authentication for UIE). ![]() When I go to the Settings/Global Management/Device Enrollment Program my account has a red triangle next to it. ![]() Devices that were added to the DEP pre-move would setup correctly but new devices added after the move wouldnt start the DEP process. And as a result, the profiles won't install correctly. Then I noticed I started having problems with my DEP syncing in Jamf. If i look at the Management Tab - Policies and it lists all the. I do a sudo jamf recon, then sudo jamf policy, but it says 'No policies were found for the 'recurring check-in' trigger'. pkg do not run until about an hour after enrollment. It'll do a big ol' "wft mate" during enrollment and cause some weirdness. Im seeing this issue after updating to JSS 9.101. What's worth noting for those of us that test on VMs, however, is that if you just set up a vanilla VM (with VMware Fusion, Parallels, VirtualBox, or your virtual tool of choice, whatever it is) is that a device without a recognized Apple hardware model ID is going to be treated as a generic "Mobile Device" and not be recognized as a Mac. This way the MDM profile is user-approved, because the user has to accept the installation themselves prior to the rest of the enrollment happening. As you've probably seen from the release notes of Jamf Pro 10.3, the enrollment style has changed for Macs on 10.13.0+ to prompt to install profiles rather than install the QuickAdd (which then installed the profile).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |