Skip to main content

Hey, not sure if this is a particular DEP issue or more so to do with macOS but I'm wondering if you've seen the following.



I'm starting to get a lot of new Macs shipping and while they are added to a particular PreStage, they do not immediately pick up that it's required. The issue goes like so:




  • New employee opens sealed laptop

  • Starts running through Setup Assistant and is prompted to connect to wifi

  • Mac connects and the next screen is the Migration Assistant screen NOT DEP page informing employee that the Mac is to be managed.



If the employee continues, they can successfully setup their Mac without the DEP PreStage being completed or being enrolled in JAMF.



In order for the User to be presented with the DEP Setup Assistant page they must do the following:




  • Start Mac and proceed through Setup Assistant

  • Connect to wifi and click Continue

  • On Migration Assistant page click Back button

  • Connect to wifi again (can be same or different network), then click continue

  • Now they see DEP SA page and are prompted for authentication.

  • Following this, they see all SA steps associated with the assigned PreStage and the Mac is successfully enrolled in JAMF.



I Have tested this on 6 brand new 2016 Macs plus several 2013-2015 macs that have been wiped back to factory with 10.12.2. All exhibit the same issues.



As you can imagine, this isn't great for UI as I need to communicate to make sure to click back then connect to wifi again, or be present for all enrolments.



Any ideas?

@kwoodard Buying directly from Apple is likely the cause here. IIRC only authorized resellers can register devices with your ABM/ASM instance.



If you are purchasing under an institutional purchasing account with Apple that is not the case. You can associate that account with your ASM/ABM. In fact, it's better from this perspective because it doesn't rely on your reseller's POS system integration functioning properly.

November 2021, and we are having this issue on a stock of M1 Macbook Pro's that were purchased in July...

Has anyone considered also that there is some type of timeout on Apple's side that a device that has sit unopened too long fails to be identified on the first boot network connection? It could be purely coincidental, but our stock of macbooks were purchased and added to our ABM profile on July 21, 2021. Jamf enrollment has been working for us perfectly...until October 21, 2021. Our last successful "no issue" enrollment was October 20.

Since then, the few that we have opened fresh out of the box have had the failure, and we have had to wipe them to get the DEP enrollment started. I'm not saying the above reasons are also not true, but I can't help but think it also has to do with the devices not being online for exactly 3 months...

@Scott_Conway   I have had my deployment team charge the macs that have been sitting on the shelf for a long time before they enroll them and I don't seem to have that issue anymore.

@Scott_Conway   I have had my deployment team charge the macs that have been sitting on the shelf for a long time before they enroll them and I don't seem to have that issue anymore.


I have seen this as well. If the Mac is under 25% charge, I have a very high rate of them not being picked up by the pre-stage. If they are higher than that, I have had one or two out of 50.

currently doing a batch of 80+ devices through DEP, all m1 with big sure so far, the experience has been much better regards to DEP. I believe the issue is specifically occurring at the ASM, check process, as i understand it, we aren't all sharing the one server, so the experience from country to country will ultimately be different. having a strong internet and wifi connection to the devices, I think is a key factor, limiting to no more than 12 to one WAP would be advised especially if a-lot of packages are being pulled down. But I believe the performance of ASM, and its activation check after the devices connects to wifi, has been modified of late, as some do take longer to process the check for ASM DEP activation status.

 

I suppose battery could impact this also, as power management could impact the functionality of the hardware connectivity etc. e.g. the haptic feedback of the trackpad is not available when battery is low.

currently doing a batch of 80+ devices through DEP, all m1 with big sure so far, the experience has been much better regards to DEP. I believe the issue is specifically occurring at the ASM, check process, as i understand it, we aren't all sharing the one server, so the experience from country to country will ultimately be different. having a strong internet and wifi connection to the devices, I think is a key factor, limiting to no more than 12 to one WAP would be advised especially if a-lot of packages are being pulled down. But I believe the performance of ASM, and its activation check after the devices connects to wifi, has been modified of late, as some do take longer to process the check for ASM DEP activation status.

 

I suppose battery could impact this also, as power management could impact the functionality of the hardware connectivity etc. e.g. the haptic feedback of the trackpad is not available when battery is low.


I would agree about the strong network connections or battery life, however in our situation, the DEP enrollments works after it initially fails, and then you wipe the machine (using the same network as before).

This leads me to believe there is some kind of issue on Apple's activation network.

I would agree about the strong network connections or battery life, however in our situation, the DEP enrollments works after it initially fails, and then you wipe the machine (using the same network as before).

This leads me to believe there is some kind of issue on Apple's activation network.


 

I would agree also, and possibly a regional issue also.

I can say it's improved in Australia over the past year.

I'm seeing this occasionally as well. If I reinstall the OS DEP picks it up but was wondering if there was a better way to get it to recognize DEP..



Even after reinstalling, I still got the wrong time and it did not pull DEP :(

Even after reinstalling, I still got the wrong time and it did not pull DEP :(


All through the past few week I have been seeing a time server issue with automatic time settings, something on the specific machines, blocking the time server, manually setting time should fix this. presumably screen time settings or a firewall setting or website anonymiser setting causing the underlying issue.

Reply


Terms & ConditionsCookie settings