- Attempting to initiate Zero Touch Deployment with DEP enrolled MacBook Pro.
- After entering login info at the "Select Your Wi-Fi" prompt, the Remote Management screen appears.
- Click the Continue button and a "Unable to Connect to the MDM Server for your Organization" appears.
- Attempted the same process on both a public Wi-Fi network and on the company Wi-Fi network. Got the same result.
- Does a port need to be opened or some other configuration need to the modified?
Question
Unable to Connect to the MDM Server for your Organization
+3
+18This may be in relation to an open product issue with Jamf (PI-002379) which generates excess DeviceInfoAccountHash, DeviceInfoITunesActive, and ProfileList MDM commands. When these build up, MDM seems to slow down and DEP also seems affected. I would reach out to your TAM/Jamf support to see if you can confirm that you are experiencing this PI. They have a temporary fix for it until they address the issue in product.
+8I do not know what is causing this but I do know how I was able to fix it for the systems experiencing it in my organization. I took their serial numbers and searched in "Devices" (where iOS devices would go) and found that they were all in there with the name: [No Name] After I deleted these entries and reinstalled a fresh copy of MacOS on each system they connected via DEP without issue.
+9I ought to follow up on this for posterity...
Turns out that the 34011 error relates to the device being able to contact DEP servers (iprofile/albert), but not being able to reach the CRL servers (.symcb.com, .symcd.com) in order to validate that the certificate being presented to by the DEP servers has not been revoked.
+3Anyone has a good fix for this? My instance intermittently gets bug down with this issue. I would get this issue for a few days and suddenly, it would start working again.
+12I had the same issue on different servers:
1. Check the Jamf Pro URL in the settings
2. Check the Organization Name (don‘t use special characters like „ä“)
+2We had exactly the same issue.
Turned out to be a policy scoped to a (static) group that did not existed anymore.
Jamf is going to fix this is in the new update.
We fixed it by re-creating the missing groups.
+13If you still having issues, then go to the deploy wsite, download the token and upload it back to the JSS..
done!
Hi all need your help on below error while i am trying to register my iMc to DEP
We have allowed 17.0.0.0 subnet with port allow ports 80, 5223, 2195, 2196, 443
+26We were recently having issues with apps not installing in iOS and in particular the Native apps at activation Apple has updated this document:
https://support.apple.com/en-us/HT201999
Our fix was to whitelist: bag.itunes.apple.com
Since we did this I am also not seeing the random messages on my prestages saying they cannot connect
+10We are still having enrollment failures. This seems to be the only source of knowledge on the matter
https://nstrauss.github.io/mitigating-mac-enrollment-failures/
We had the same issue and I flushed DNS cache on the client machine which fixed it.
Big sur: sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.