Skip to main content
Solved

Jamf first enrollment fails on reimaged macbook

  • December 18, 2022
  • 7 replies
  • 41 views
janzaldua
Forum|alt.badge.img+7

I have a test macbook that was enrolled into JAMF. I reimaged it via macOS Recovery, which installed a fresh new OS for Ventura. I thought maybe this was a Ventura issue, so I rolled back the OS to an earlier version (Big Sur) and the same issue occurs. I get this error: " An error occurred. Contact your IT Administrator "

 

 

Note: For clarity, the MacBook installs any macOS just fine, and seems to gather the enrollment profiles/policies from JAMF, but upon first boot (when the user should enter their SSO credentials), it gives this screen.

Best answer by janzaldua

Update: It was fixed after I removed the Device from Jamf completely. Still unsure of the cause, but when in doubt, just remove the device from JSS

    7 replies

    S
    Forum|alt.badge.img+8
    • SCCM
    • Valued Contributor
    • 148 replies
    • December 19, 2022

    Basic questions but does your device have internet access at his stage i.e. it hasnt switched networks to somthing whcih requires authentication. Also is your jamf login profile signed, and is the cert on the profile still valid?  thats just looking like it cant get to your IDP

    janzaldua
    Forum|alt.badge.img+7
    • janzaldua
    • Author
    • Valued Contributor
    • 55 replies
    • December 19, 2022

    Basic questions but does your device have internet access at his stage i.e. it hasnt switched networks to somthing whcih requires authentication. Also is your jamf login profile signed, and is the cert on the profile still valid?  thats just looking like it cant get to your IDP


    - That is correct, the device has internet at its stage. I will test a different device tonight.

    - I believe the JAMF login profile is signed and the cert is still valid, but for clarity, where can I check those two things to make sure.

    A
    Forum|alt.badge.img+10
    • AtillaTheC
    • Contributor
    • 91 replies
    • December 20, 2022

    Did you delete the record in Jamf prior to re-enrollment? If not do you have re-enrollment settings set properly?

    janzaldua
    Forum|alt.badge.img+7
    • janzaldua
    • Author
    • Valued Contributor
    • 55 replies
    • December 20, 2022

    Did you delete the record in Jamf prior to re-enrollment? If not do you have re-enrollment settings set properly?


    I did not delete the record, but we do have re-enrollment settings set properly I believe.

    Keep in mind, this is the only system having the problem. I've wiped and re-enrolled systems many times over the past year without an issue. I could try deleting the record in Jamf, but I was more curious why this was happening.

    A
    Forum|alt.badge.img+10
    • AtillaTheC
    • Contributor
    • 91 replies
    • December 20, 2022

    I did not delete the record, but we do have re-enrollment settings set properly I believe.

    Keep in mind, this is the only system having the problem. I've wiped and re-enrolled systems many times over the past year without an issue. I could try deleting the record in Jamf, but I was more curious why this was happening.


    OK if those settings are set that way then i'm unsure. Could be a firewall issue maybe? Have you tried on a different network? If its the same on a different network may be ideal time to open a support case with jamf to review your logs.

    S
    Forum|alt.badge.img+8
    • SCCM
    • Valued Contributor
    • 148 replies
    • December 23, 2022

    - That is correct, the device has internet at its stage. I will test a different device tonight.

    - I believe the JAMF login profile is signed and the cert is still valid, but for clarity, where can I check those two things to make sure.


    you cant check the cert from within jamf, you need to download the configuration profile from jamf and check inside the profile. Alternatively if profiles are accessible on your machines check one of the other machines profiles for signed information. If its working on all other machines it prob isn't that though.

    janzaldua
    Forum|alt.badge.img+7
    • janzaldua
    • Author
    • Valued Contributor
    • 55 replies
    • Answer
    • December 24, 2022

    Update: It was fixed after I removed the Device from Jamf completely. Still unsure of the cause, but when in doubt, just remove the device from JSS


    Terms & ConditionsCookie settingsAccessibility statement