Can you please tell me how you manage MDM Capable Users with Jamf Connect?
We use Jamf Connect but on all of our computers the Capable Users MDM is empty.
This is very problematic, because no more VPP applications, no more user level configuration profiles, etc...
Our devices are enrolled DEP, MacOS 11 or more recent.
The un-enroll and re-enroll solution is not acceptable with us, we have hundreds of new computers per month.
I'm amazed that it's so complicated for such basic and important things.
Thank you for your help
Thanks for your answer.
So when we prepare DEP computers, they enroll automatically but you have to renew the enrollment afterwards for each new Connect session with user validation?
There is no other way?
Apple is aware that they complicate the task of administrators 😔 ?
Thank you for your help.
Another point, we have devices with already an MDM Capable accounts and we cannot login on these accounts.
How can the MDM Capable User be changed remotely?
Because when we try the command line, we get the following error:
Error: Renewing DEP enrollment failed: Enrollment was initially performed by "<LOGIN>". Log in with this account to update it. (MDMDeviceEnrollment:102)
I'm sorry to be annoying like that but I really think Apple is exaggerating.
I can read this in Jamf Pro documentation :
User accounts on computers can be MDM-enabled (formerly MDM-capable) to allow an MDM solution to manage certain user-specific management settings. You need MDM-enabled users to do the following:
Deploy user-level configuration profiles.
Receive the EDU profile via the user channel for managed classes.
For more information, see Classes.
Does this mean that it is no longer necessary to have a capable mdm user to trigger an installation of a VPP application as was the case in the past?