Hello everyone,
Running into a weird issue that I’m not sure if is intended or not (Fairly new to JAMF). We have some user’s devices that had not been checking-in\pushing commands properly via Jamf Pro, mainly due to users not logging in. Received a few back after the users left the company and they are at the local Mac login instead of the Jamf Connect login screen. I can connect them to ethernet and send them commands from Jamf Pro, but they do not check-in and receive commands (wipe\lock\etc). If I log in past the local Mac login, they start receiving commands again and work properly. I can also still use recovery to wipe them, but they do not receive any commands or check-in until I am past that initial Mac login screen.
Tried using Jamf Routines and a few other things to try and get them to check-in and receive the commands without having to login locally, but nothing seems to work until I get past that first local login or wipe them. Is this intended? Does the local Mac login “softlock” Jamf commands from being sent if it's not checking in? Is there a way to get it to start checking in again from the local Mac login? Mainly trying to figure out in case we have someone quit without returning the device and need to remotely wipe\lock it.
Hopefully that makes sense, thank you!
Devices not receiving push commands from Jamf Pro when at local Mac login.
+1
+1Yes we are using Filevault on all the devices.
The machine is in an encrypted state and not fully booted.
You can trigger the FileVault recovery option by pressing Option + Shift + Return on the keyboard and then reset the password.
+1The issue isn’t really that I can’t log into it. I have the ability to log into the devices and have the commands work again. My question is more should the commands be working at the local mac login screen. It won’t check in or run any pending management commands from Jamf Pro
This is more for if the device is not returned or stolen. I want to be able to wipe or lock the device remotely without having to have someone log into them first if they are already online.
The machine is in an encrypted state and not fully booted. It’s not connected to the internet. You don’t have the ability to send commands but the data is inaccessible as the volume is locked.
This is one of the most frustrating aspects of Apple security as the data is secure but you’re not getting the machine back if it’s lost or stolen. If a user fails to return it then you can lock or wipe it if they log in.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.