Skip to main content
Question

Wipe and reconfigure

  • February 28, 2019
  • 10 replies
  • 31 views
M
Forum|alt.badge.img+7

I haven't been able to find any info on this scenario:

We have a Mac that was fully enrolled and had policies and config profiles applied to it. Eg. Office installed, SEP installed, Filevault enabled, etc.

Then what we did was:

1) Wiped the Mac with Internet Recovery and reinstalled the macOS (10.14 in our case)
2) When the Mac started up again in Setup Assistant re-enrolled it in Jamf

However it doesn't seem to have started to reinstall all of the profiles and policies. Should it without our intervention? We did have to rename the computer in Jamf and force a computer rename on the iMac. Named it back to the original name it had before.

10 replies

H
Forum|alt.badge.img+9
  • hjcao
  • Contributor
  • 38 replies
  • February 28, 2019

make sure your policies aren't scoped to once per machine...

M
Forum|alt.badge.img+7
  • mthoma
  • Author
  • Contributor
  • 21 replies
  • February 28, 2019

Thanks, so what is the recommended frequency? How much of a server performance hit is "ongoing"? Or do we base the frequency on the type of policy based on how important it is to have something installed?

H
Forum|alt.badge.img+9
  • hjcao
  • Contributor
  • 38 replies
  • February 28, 2019

It all depends on how your policies are set up.

here's a good way to do it:

https://github.com/talkingmoose/Jamf-Management-Templates/wiki

G
Forum|alt.badge.img+16
  • gachowski
  • Honored Contributor
  • 1054 replies
  • February 28, 2019

Sounds like the it is set up machine based .. all you have do/remember when you wipe a machine you have to delete from the Jamf server...

you can automate that with scripts ...

https://www.jamf.com/blog/reinstall-a-clean-macos-with-one-button/

https://www.jamf.com/jamf-nation/discussions/14330/jss-api-delete-command

C

R
Forum|alt.badge.img+18
  • ryan_ball
  • Contributor
  • 475 replies
  • February 28, 2019

@mthoma How do you have your "Settings > Global Management > Re-enrollment" settings configured in Jamf Pro? Have you configured that section?

M
Forum|alt.badge.img+7
  • mthoma
  • Author
  • Contributor
  • 21 replies
  • February 28, 2019

No, we have not yet configured the Re-enrollment settings. Do you have any guidance on what to set? Or is there a document we can follow that gives some more info.

L
Forum|alt.badge.img+5
  • Lotusshaney
  • Contributor
  • 96 replies
  • March 1, 2019

Use the Jamf binary to jamf flushPolicyHistory somewhere early in your build.

That way it’s like a new machine and does not matter on policy frequency as it’s all flushed.

R
Forum|alt.badge.img+18
  • ryan_ball
  • Contributor
  • 475 replies
  • March 1, 2019

@mthoma At the very least I would check the "Clear policy logs on computers" and "Clear extension attribute values on computers and mobile devices".

However, I have them all checked and also have the bottom dropdown set to "Clear completed, failed, and pending commands".

mm2270
Forum|alt.badge.img+24
  • mm2270
  • Legendary Contributor
  • 7886 replies
  • March 1, 2019

As @ryan.ball stated, you need to adjust the settings in the Re-enrollment section in your JSS. I have them essentially set the same way as he stated, except for the Extension Attribute item.

This has seemed to work well for me.

M
Forum|alt.badge.img+7
  • mthoma
  • Author
  • Contributor
  • 21 replies
  • March 1, 2019

Thanks everyone, I'll check off those settings and see how it goes. :)


Terms & ConditionsCookie settingsAccessibility statement