Wondering if anyone has had this happen. Prestage enrollments for laptops have been working great until I checked the Require Authentication check box in the Prestage enrollment to require the user to sign in during computer setup.

When the user enters their Open Directory credentials, the computer completes the setup without a hitch and is user ready. However in the JSS it will not apply the post-enrollment policy or any policies that I have set up, the policies are nothing special they go through and couple of scripts, applies management, and auto installs iWork and iLife.

Without requiring authentication, the post setup policies ( I have a few) will trigger within 5 minutes of setup, I left a computer on, never to go to sleep, over a weekend to see if it needed more time to apply and it never did.

In terminal I can run sudo jamf recon and that goes through successfully and in the JSS the computer is listed as DEP-(SerialNumber) but does not have any policies waiting to be triggered.

Smart groups will not pick up the machine, I created a smart group with query of computer name "like" DEP and nothing is populated. In Casper Remote, the computer is not listed so I can not force the policies if I wanted.

Its weird as the computer is listed in the JSS, it shows the computer details, that its MDM capable with the user that set it up, but its doesn't seem to be recognized by the JSS to allow any ongoing management.

I tried this with both a new policy and an existing policy on 3 different laptops. On all 3, they worked without require authentication check, but did not work when require authentication was checked. I am not having any issues with policies for iPads when requiring authentication however.

Is their a step I am missing here to get this to work as expected or is something awry?