I'm trying to get some profiles on my VM's, running on a esxi platform. when i make a empty profile at system level it get's pushed fine to my "regular clients" MBP etc. the profiles never appear in my VM's.
i tried to
jamf removeMDMProfile
jamf manage
on all VM's i have the MDM Enrolment profile so it seams they get pushed like they should. the VM's are in the same subnet as my other clients so network issues are unlikely. the following telnet tests are fine.
telnet 1-courier.push.apple.com 5223
telnet gateway.sandbox.push.apple.com 2195
telnet gateway.push.apple.com 2196
i'm at a loss, i see no reason why it shouldn't work.
who can help?
Best answer by rich.trouton
Virtual machines don't seem to work with Apple's push notifications. I'm not certain of the "why", but I suspect it's because OS X VMs generally have serial numbers that were not generated by Apple.
In my VM testing, I've found that anything involving having a Apple-registered hardware serial number / sending hardware serial number back to Apple doesn't work in VMs. This includes iCloud services like Find My Mac and Messages and it also applies to getting hardware-specific OS installers via Recovery HD. It may also apply to profiles whose installation relies on Apple's APN service sending a push notification.
One thing you could try is exporting the profiles from your Casper server and installing them using the profiles command. If installing the profiles works using the command-line installation method, then your issue is APN.
Virtual machines don't seem to work with Apple's push notifications. I'm not certain of the "why", but I suspect it's because OS X VMs generally have serial numbers that were not generated by Apple.
In my VM testing, I've found that anything involving having a Apple-registered hardware serial number / sending hardware serial number back to Apple doesn't work in VMs. This includes iCloud services like Find My Mac and Messages and it also applies to getting hardware-specific OS installers via Recovery HD. It may also apply to profiles whose installation relies on Apple's APN service sending a push notification.
One thing you could try is exporting the profiles from your Casper server and installing them using the profiles command. If installing the profiles works using the command-line installation method, then your issue is APN.
Hopefully this info helps other people struggling with this. There is a workaround to get push notifications to work on Mac OS computers hosted on ESXi, you need to get a shorter serial number. The ones generated by default are just too long to work with Apple's push notification service. ESXi 5.5 allows generating a 12 character serial number, I don't believe this works with 5.1 or earlier.
The trick is to enter the following key/value pair into the vmx file.
"SMBIOS.use12CharSerialNumber" = "TRUE"
You can also do this in vSphere Client: 1. Shut down your VM. 2. "Edit virtual machine settings" 3. "Options" tab. 4. "Advanced" > "General" 5. "Configuration Parameters" : "Configuration Parameters..." 6. "Add Row" 7. Name: SMBIOS.use12CharSerialNumber 8. Value: TRUE 9. "OK" : "OK" : "Power on the virtual machine"
In my testing, making this change immediately enables MDM. No jamf manage/recon needed. On next recon, the serial number will update in the JSS. I only tested in Casper 9.3, I don't know how previous versions will work.
I just had the same issue with my VirtualBox Mac running Catalina. I had set the serial number to a three digit serial which resulted in the configuration profiles not getting installed on the machine. I changed to a 12 character made up serial number and it worked.
