Skip to main content
Question

Troubleshooting User Initiated Enrollment on Mac Neo

  • March 13, 2026
  • 2 replies
  • 87 views
BlueIT

Hi all,

I am trying to do a user initiated enrollment on a Mac Neo. I’ve done this same user initiated enrollment on many other Macs without issues, but this one only accepts some configuration policies and no packages can be scoped to the machine. Additionally, on my Jamf Pro instance, it says that the machine is not managed.

I have already done sudo jamf policy commands and updated the inventory, but that hasn't changed things. There don't seem to be any policies in Jamf Pro that I can scope to the Mac. The Mac is not listed under computers that I can scope, however, the Mac does show up when I click on the inventory tab.

Has anyone seen this before where the device shows up in inventory but remains unmanaged and unscopable? Any suggestions?

2 replies

A
Forum|alt.badge.img+2
  • angelohuang
  • New Contributor
  • March 15, 2026

A couple quick checks I’d do when a Mac shows up in Inventory but Jamf Pro still says “Not managed” / you can’t scope policies/packages:

1) Verify the Jamf management framework is actually installed + talking:
- /usr/local/jamf/bin/jamf checkJSSConnection
- /usr/local/jamf/bin/jamf manage
- /usr/local/jamf/bin/jamf policy (with -verbose if you can)

2) On the Jamf Pro side, confirm the device has a valid MDM profile + is in the correct state (MDM-capable / enrolled / not in a “pending” or “unmanaged” limbo). A device can inventory (recon) without being fully MDM-managed, which lines up with what you’re seeing.

3) If this is a user-initiated enrollment flow, I’d also sanity-check:
- enrollment complete page actually hit
- no APNs/MDM communication issues
- the Mac isn’t enrolled to a different Jamf instance (or has a stale MDM profile)

If it helps, here’s a short writeup on the “managed vs supervised vs standard enrollment” terminology (concept is the same regardless of MDM):

Understanding Supervised Devices in iOS and macOS MDM

A
Forum|alt.badge.img+2
  • angelohuang
  • New Contributor
  • March 17, 2026

One more angle that’s bitten me before: a Mac can happily do inventory (recon) while *not* actually being MDM-managed.

 

On the client I’d sanity-check the MDM enrollment state directly:

- System Settings → General → **Device Management** (is the Jamf MDM profile actually present?)

- `profiles status -type enrollment` (look for “MDM enrollment: Yes” / “User Approved MDM: Yes”)

 

If the MDM profile is missing or not user-approved, Jamf Pro will often show “Not managed” and you won’t be able to scope packages/policies even though the record exists.

 

Also worth checking for a stale/old MDM profile from another Jamf instance — removing that and re-running user-initiated enrollment usually clears the “inventory-but-unmanaged” limbo.

 

This breaks down the two pieces involved in macOS BYOD enrollment (MDM profile + agent) and the symptoms when one half is missing: Managing BYOD Enrollment for macOS in Swif

Terms & ConditionsCookie settingsAccessibility statement