Wiped the machine and loaded a fresh 10.9.1 on it. Still failed. Anyone have any thoughts? Brand new JSS with the built-in JSS CA.

Having the same issue. 9.23 installed in a sandbox, fresh machine enrolled with Recon. Shows successful, but is not MDM enabled and can't pull down any profiles

sorry, double posted.

Saw this too earlier today. Enrolled two computers into 9.23 and both were listed as Not Enrolled.

Just went to check, and they have both enrolled. Looks like the MDM enrollment during check in is working.

Is there a solution or workaround to this problem?

Edit: Fixed it was the certificate in the Tomcat, we had only changed the "Push Certificates" certificate.

Sounds similar to https://jamfnation.jamfsoftware.com/discussion.html?id=7359

Rebuilding the SSL cert resolved it for me last time.

Did you get it working @RobertHammen][/url ?
Now that I'm reading this I'm kind of holding off on upgrading to 9.23.

Nope. I did try recreating the Tomcat/SSL cert, made no difference. Also wiped the client I was trying to enroll, no difference. Going to email support and see what they say.

Did a webex with jamf support today. We couldn't find the cause of the problem, everything looks how it should. We're gonna keep working until we figure it out; they said they're heard of a bunch of cases of this happening on 9.23.

Yes we are seeing this as well. It started for us in 8.52 and has carried over into our 9.21 environment. The only machines affected are Mountain Lion any 10.8.x machines. We are trying to determine if an upgrade to Mavericks will fix. The hardware is all over the board. We have about 60 that are affected. We as well have tried reimaging (last resort) but often that has no affect. We created a new cert and restarted Tomcat, wiped a machine from JSS and reimaged but still the problem persists. We have opened a case with JAMF on this.

@appledes
Did you re-enroll the machine and are you sure the "Apache Tomcat Settings" is filled in?

SSL Certificate
Subject Name CN=servername.domain.nl, OU=JSS, O=JAMF Software, L=Minneapolis, ST=MN, C=US

Hi mvught. Yes. We re-enrolled manually about 300 machines, and the Apache Tomcat Settings are set. We have about 60 10.8.x machines that enroll successfully and 60 10.8.x that simply refuse. We are about to get our hands on one of the units that wont enroll. Despite my sincerest efforts, I cannot duplicate this in the lab environment. Again, we have several hundred Lion and Mavericks machines, but each of them re-enrolled fine. It is only ML that is affected. Each of these machines were originally enrolled in the 8.52 environment.

And if you delete the machine with jamf removeFramework than remove the computer from the JSS and then re-enroll?

Yes we tried that sequence but not successful.

Will be interested to know if the Casper 9.24 update that just came out fixes this for you. I held off on upgrading to 9.23.

Cane you post the log, off your error?
And run the following command: sudo jamf enroll -prompt -verbose

There looked to be 2 changes to the JSS in 9.24; neither seemed directly applicable to the situation.

I have the client trying this now, and I'm trying it in another client environment where I just updated to 9.24.

OK. We finally were able to pull one of the affected machines out of the environment and play with it. We found a solution to this. And again.. its only Mountain Lion and all versions 10.8.1 - 10.8.5.
If WIFI is configured and connected to our network, AND the Ethernet port is in use, the MDM will not enroll. If we turn off Wi-Fi, reboot the machine, log back in with a local admin account and run sudo jamf manage, the MDM profile will now be installed. This scenario is EASILY duplicated on any of the Macs in our lab. Hopefully this will work for others experiencing this problem.

@ appledes It does sound a little like the fix in 9.24

[D-006321] Fixed an issue that prevented the JSS from installing OS X configuration profiles with a
Network payload and a Wi-Fi network interface.

@ rcobin. Thats what led us to look in that direction.

Has anyone tested this or had any success with Mavericks? I've been trying every suggestion I've gotten, including reenrolling with Wifi off as local admin, and it's still failing. QuickAdd fails, and jamf -manage just reports that the MDM could not be installed.

I have had no problem enrolling Mavericks machines with JSS 9.21 or 9.23

So is this issue all resolved now ? I've been kind of holding off on upgrading to 9.23 or 9.24 since reading this.

I am seeing this issue - iOS seems to work without a hitch. When you say disable AirPort, is the AirPort connected to an SSID or just powered on?

We're seeing this post 9.3 update-
Any newly imaged Macs show up as not MDM capable - we struck a new QuickAdd .pkg from the 9.3 Recon, removed the framework on any non-MDM cabpable Mac, installed the QuickAdd, and get:

jamf manage -verbose
Password:
Getting management framework from the JSS...
Enforcing management framework...
 verbose: Timeout: 60
Checking availability of https://ourjssserver.com:8443/...
The JSS is available.
Enforcing login/logout hooks...
 verbose: Creating login hook...
 verbose: Enabling login hook...
 verbose: Creating logout hook...
 verbose: Enabling logout hook...
 verbose: Writing preferences for Login window...
 verbose: Creating startup item script...
 verbose: Created startup item script
 verbose: Creating launchd item for startup item...
** verbose: Attempting to install the mdm profile at the computer level.
Problem installing MDM profile.
Problem detecting MDM profile after installation.**
Enforcing scheduled tasks...
 verbose: Removing existing launchd task /Library/LaunchDaemons/com.jamfsoftware.task.1.plist...
 verbose: Creating task Every 60 Minutes...
 verbose: Adding launchd task com.jamfsoftware.task.1...
Creating launch daemon...
Creating launch agent...
 verbose: Existing plug-in, 2.plist, is up to date.
 verbose: Existing plug-in, 3.plist, is up to date.
 verbose: Existing plug-in, 4.plist, is up to date.