Skip to main content

We have several macbooks (Monterey and Ventura) that cannot boot anymore and are asking for a recovery key. After filling in the key an reinstallation doesn't work (error), only a complete format and reinstall solves the issue. Some users are able to get to the login screen after entering the recovery key at boot but then the macbook reboots back into the recovery mode. We tried safemode, logging mode etc. All the options that we could find couldn't prevent a complete wipe of the disk and reinstallation.

 

We suspect this has something to do with a patch policy with an Safari 17 update but we are not sure. 

I don't think updating Safari would cause the Macs to not be able to boot. If you can access the Jamf log on the affected systems at /var/log/jamf.log, it may provide more information about what Jamf policies ran before this started happening. Even if a system in non-bootable, there are ways to get to the Jamf log.

Where Safari is in the crypto container with the OS, Safari is not called during the OS load. Safari won't cause a device to fail to boot. Honestly, in most cases Applications Can't cause the OS to fail to boot. 

 

My suspicion is you have a configuration like a legacy KEXT, or outdated security tool that is not happy with Ventura. Honestly, I would be testing against Sonoma at this point and not bothering with Ventura. For any troubleshooting you really need to get the device to the log on screen, if SSH works use that and pull logs off the device. If its crashing as a user tries to log in, it is probably application based (still not likely Safari).

Recently I needed to get the Jamf log from my test Mac that had gone through a PreStage enrollment but ended up on the login screen with no user account setup. So, how would I login? I rebooted into recovery, made sure I was connected to the network, then opened Terminal and used secure copy to send the Jamf log to my other Mac. Target disk would also work.

Reply


Terms & ConditionsCookie settings