It should be easy to actually find it in searches though. Post back if you need pointers to the discussions that cover this process. app from the App Store and typically a one line shell command. #Jamf pro wipe computer installLastly, are you up to speed on the easiest method for wiping and reinstalling the OS on these Macs? It's a pretty simple process when using the Install macOS. Usually making sure those Re-enrollment settings are all enabled and having properly scoped profiles and policies in place, re-enrollment (thru DEP) works just fine. I've seen some people here swear by that process, but I've never run into an issue where I needed to do that. In my experience, it's usually not necessary to delete the computer record from Jamf before wiping/re-enrolling. But it sounds like you're already aware of and on top of that piece. I'd say one of the most common issues I've seen people have where devices don't get enrolled or don't get the settings they expect, is because they forgot to scope them to a Prestage Enrollment. Open a terminal on the target computer and issue the command python .py.For Jamf Pro, you need at least these READ privileges to access Jamf APIs in order for Okta to verify that the device is managed. #Jamf pro wipe computer proWithout them being assigned to a Prestage, they won't get picked up after enrollment for getting various profiles and other options applied to them. This information allows Okta to verify that end user devices are managed by Jamf Pro at the time of certificate enrollment. These problems can be avoided with the proper Smart Groups set up for them, but it's extra up front work, so just some things to keep in mind.Īs for other things to look at, I would double check that all or any Macs you are looking at wiping and resetting up are scoped to a Prestage Enrollment of your choosing. If you manually re-enroll a device, like thru the User Initiated Enrollment page, those policies will end up running again on the Mac, even if it hasn't been wiped. But keep in mind there is a pitfall to that approach as well. Personally, I think its best to set all those options to clear on re-enrollment. For example, any policies using a "Once per computer" frequency, no matter how anything else in the policy is set up, will NOT run again on the device if it ran previously, unless you enable the option to clear all policy logs (or you manually clear them beforehand) If OTOH, a policy is set to use a Smart Group looking for the absence of something (like an application) and the policy is set to Ongoing, then it should run again after being wiped, since the device will by default land in the Smart Group scoped to the policy. Troubleshooting can be done with one tap by resetting the device. No cart or IT interaction required Jamf Reset creates an over-the-air workflow with no additional hardware required. This is dependent on how the Jamf policy/policies are set up of course. A user-initiated wipe Jamf Reset empowers users themselves to digitally sanitize devices, with Home screen access to wipe the device. Without those enabled, when a device gets wiped/reinstalled and re-enrolled, some of your policies may not re-run on the device. Since it looks like no-one has answered your question yet, I'll take a shot at it.įirst off, you should enable all or most of the options you referenced in the Re-enrollment section of your Jamf Pro server.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |