Skip to main content

Team,



Im trying to run the following script but Im caught in a catch 22 lol.



#!/bin/sh



####### MDM fix #####
## This script will delete all Profiles from the computer ##
## Than re-enroll in MDM management ##
## Than remove Earth from preferred wireless network list ##
#####################



##### Variables #####
loggedinuser=ls -l /dev/console | awk '{print $3}'
hardwareport=networksetup -listallhardwareports | perl -p -e 's/
/ /' | grep -Eo 'Wi-Fi Device: en[0-9]' | awk '{ print $3}'



##### Delete Profiles ###



profiles -R -p Identifier



##### Re-enroll in MDM Management ###



jamf manage
sleep 30



#### Re-assigns Identity for Earth to new user cert and removes PEAP Auth ####



security delete-generic-password -l "Earth"
security set-identity-preference -c $loggedinuser -s com.apple.network.eap.user.identity.wlan.ssid.Earth



rm -f /private/var/tmp/profilefix.sh



Here are the steps:



Remove MDM profiles
Re-enforce MDM management
Re-associate Identity with User Cert from SCEP



The problem is that jamf manage will only run once all policies are complete. And the command is running in the policy. Is there away to force jamf manage to work even if policies are running.



Thanks for your input.



Shawn

@sgoetz,



In Casper 9.4, JAMF implemented the feature request to bring back the jamf mdm command, so if you're running Casper 9.4 or later, try using using the jamf mdm command in your script instead of jamf manage.



https://jamfnation.jamfsoftware.com/featureRequest.html?id=1388



If you're on 9.x but not yet on 9.4, I have a post available on what I was doing in 9.32 to fix MDM issues with jamf manage:



http://derflounder.wordpress.com/2014/06/15/automatically-fixing-mdm-certificate-enrollment-with-casper-9-x/

@rtrouton



You sir are my best friend today!!! jamf mdm worked 😃 im on 9.6

Terms & ConditionsCookie settings