- Jamf Nation Community
- Products
- Jamf Pro
- 10.3.1 DEP and User Initiated Enrollment Build wor...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
10.3.1 DEP and User Initiated Enrollment Build workflow issues
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-24-2018 09:16 AM
We recently had to upgrade to 10.3.1 as our 10.0.0 environment was spiking the server CPU to a consistent 100% per core utilization causing tomcat to become unresponsive after about 15 minutes of uptime before we had to reset tomcat again. After a lot of back and forth with JAMF we were unable to address the issue with 10.0.0 so as a last resort we installed 10.3.1. This addressed our performance issue and from the console side of things JAMF has been pretty snappy.
However, on the build workflow side of things, it has been nothing but trouble. Prior to 10.3.1 we were on 10.0.0 and our workflow was as follows:
JAMF 10.0.0
- DEP enroll or User-Initiated JAMF Enrollment (Quickadd.pkg)
- Launch Self Service and run the build policies for a particular group (AD Bind, HostName, Apps, etc. etc.)
- Deploy Mac to end user
JAMF 10.3.1
- DEP enroll or User-Initiated JAMF Enrollment (Install MDM profile)
- Wait anywhere from 10 to 60 minutes for the JAMF Binaries to fully install. (Current average is about 30 minutes for us)
- Launch Self Service and run the build policy for a particular group (AD Bind, HostName, Filevault, Install Apps, etc. etc.)
- Deploy Mac to end user
On JAMF 10.3.1 the build policy results seem to be inconsistent. Sometimes the SMB distro point fails to mount, sometimes our hostname script doesn't complete properly. I am troubleshooting these as unrelated to the JAMF upgrade, but it is odd we didn't see these under 10.0.0
I know the switch from the quick add to the MDM profile method is due to the changes Apple made in 10.13 for user approved kernel extensions, but there has to be some way to speed up the installation of the JAMF binaries.
What are other people using for the DEP and User-Initiated enrollment build workflows? Is there something simple I am missing here?
Labels:
- Labels:
-
Imaging
-
Self Service (macOS)
Reply
9 REPLIES 9
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2018 07:12 AM
Just a shameless bump..
The TL;DR version of this post is simply that with 10.3.1, we are seeing a 10-60 minute delay in the JAMF binaries getting installed after both DEP and User Initiated Enrollments. I have a case open with JAMF but was curious if this is an issue with everyone or just me?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2018 07:24 AM
The Tomcat utilization piece has been an issue for us since 9.0. We have had 2, multi-month long support sessions with JAMF over the last 3 years on this. Both times it ended up being a bug deep the the code that JAMF had to release a .x release for. We just recently updated to 10.2.2 and we still will see Tomcat pegg at load averages of 20+ and stay there requiring a Tomcat restart. Although, it is not very common anymore.
I am just getting started figuring out a DEP workflow for Macs. Still working on what works best for config'ing Macs. I think a basic DEP config followed by a Tech running a SS on-boarding script is the way we will end up going.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2018 07:41 AM
Funnily enough, We're running 9.101.4 and since Monday, we have had the same issues?
Was working fine last week?
I'm flabberghasted..
I renewed the DEP token and created a new PreStage Enrollment Profile but same issues..
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2018 09:52 AM
Having the same issues. This has been pretty consistant since 10.0, and contiunes through 10.3.1 for us.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2018 10:54 AM
Prior to 10.3.1 we were using the quickadd package and didn't have the issue. Glad to see that I am not the only one.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2018 12:24 PM
Yup - enrollment has suddenly become a hot mess. What's going on JAMF???
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2018 01:24 PM
https://derflounder.wordpress.com/2018/04/01/user-initiated-computer-enrollment-now-using-mdm-profile-enrollment-in-jamf-pro-10-3/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 04-25-2018 01:34 PM
@ChrisJScott-work That is the process we are following. Unfortunately the JAMF binaries don't install immediate or even close to the completion of the enrollment. We are typically seeing about a 30 minute average lag behind enrollment before the binaries are fully installed.
I have a case open with JAMF and they are looking into it. I'm just hoping they have a quick easy fix.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 06-07-2019 09:24 AM
@FritzsCorner What was the solution to this? We are running into it now.
