I was just wondering how many others had done this and what process they had to go through to redo their iPad management. I really want to change this but have been avoiding it for years due to the work involved of re enrolling all the iPads. Is anyone using any DNS magic that makes this work without breaking mobile mdm?
Gabe Shackney
Princeton Public Schools
I'd like to see Jamf put out an article on a process for this. I would think many organizations are going to be looking to move from casper.domain.com to jamf or jamfpro.domain.com. My guess is that the easiest thing to do is to make changes that impact newly enrolled devices, but also keep your existing DNS entry in place so that your previous name continues to function.
Be sure to get an SSL certificate with both the old and new DNS names as SANs. That way clients can still validate the cert regardless of which URL they're using.
A wildcard cert will come in handy here.
We did this on Jamf Cloud a couple years back, and at that time there was a redirect they put in place that pointed old JSS --> new JSS, but that was only a temporary solution while we re-enrolled each device.
@cbrewer
I thought they were deprecating wildcard certs sometime soon...or something like that, but maybe I'm thinking of the .local certs.
No matter what it would be great if somehow Apple would allow a command that could confirm a change of MDM (maybe on the school.apple.com site with 2 factor authentication) to modify the cert without having to reenroll.
Gabe Shackney
Princeton Public Schools
When I did this internally, we were told the best way was to re-enroll devices.. Mobile, not so easy. Computers, we created a quickadd from recon attached to the new jss uploaded it to the old jss and had it run on any checkin for every machine.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.