Skip to main content

Hello,

 

I am working on a faster deployment for the end user but I am hitting a snag. We are manually creating the user account after the computer is set up. However, the problem is that Jamf is taking the admin Account and using that as the Fields for User and Location. Is there a good way that I can have the newest created account be imported and change these fields? (snapped a pic just to make it more clear).

--This method is still in the testing stage so luckily zero headaches yet :D

 

Just some extra info:

No user account is created when we enroll the computer (Admin account is Added).
I have chopped DEPNotify in Half. This way we can do the 30-40 minute install without the person needing to be here. Once the first half of DEP is installed, we create their account, i.e. appleguy13 and generic pw.
Once they're here, we have them update the PW and run DEPNotify part two which grabs their name and computer name etc. However, I'm not getting this info imported in Jamf

 

As always thanks in advance!

 

 

@Fox What are you installing during your DEPNotify enrollment? You might want to re-think your initial payload if it's taking 30-40 minutes to install. For comparison my org's initial enroll isn't exactly small (one of the installs is the full Microsoft Office suite) and on an M-series Mac takes less than 15 minutes with a decent Internet connection. We do the user account creation as part of the PreStage Enrollment (locked to the credentials the user enters to authenticate enrollment which eliminates their opportunity to enter an invalid user ID) so the Jamf Admin account never gets associated with the computer record.

@Fox What are you installing during your DEPNotify enrollment? You might want to re-think your initial payload if it's taking 30-40 minutes to install. For comparison my org's initial enroll isn't exactly small (one of the installs is the full Microsoft Office suite) and on an M-series Mac takes less than 15 minutes with a decent Internet connection. We do the user account creation as part of the PreStage Enrollment (locked to the credentials the user enters to authenticate enrollment which eliminates their opportunity to enter an invalid user ID) so the Jamf Admin account never gets associated with the computer record.


Thanks for your input.

It's mainly  due to the internet speed here (I am also using ethernet for best speed). Supposedly our internet will be worked on over this summer.....

When I rollout test devices on my house internet, it takes approx 10 minutes. 

So nothing huge. Ms Suite (this alone takes about ten minutes on the school ethernet), Chrome, Zoom, and a few other small things.

 

-I was probably padding  a little bit on time. 25-30 minutes.

-I have other apps, such as Sophos, install after the fact which helps cut down on the initial install time.

 

 

 

I found a solution in case any one else runs into this issue.

 

The user account info is created in a plist in depnotify.

 

I then trigger the update via a simple recon script set up as a policy:

#!/bin/bash

# Get the PUNet ID from the plist
punet_id=$(defaults read ~/Library/Preferences/menu.nomad.DEPNotifyUserInput.plist PUNet\\ ID)

# Update the username in Jamf
jamf recon -endUsername "$punet_id"

 

I found a solution in case any one else runs into this issue.

 

The user account info is created in a plist in depnotify.

 

I then trigger the update via a simple recon script set up as a policy:

#!/bin/bash

# Get the PUNet ID from the plist
punet_id=$(defaults read ~/Library/Preferences/menu.nomad.DEPNotifyUserInput.plist PUNet\\ ID)

# Update the username in Jamf
jamf recon -endUsername "$punet_id"

 


jamf recon -endUsername is not working for us. The script runs, but the assigned user is not updated. We can see the in our script the correct username is being pulled. We are pulling the username from com.jamf.connect.state.plist (connect/Azure AD environment). Only thing we can think of is the field may be wrong?

Reply


Terms & ConditionsCookie settings