Jamf Nation Community

healthcareaa · ‎04-19-2023

Hello,

We are having issues enrolling BYOD devices in Jamf Pro using Account-driven BYOD Enrollment.

We are following the instructions on Jamf documentation but we are receiving an error for any Managed AppleID that tries to sign in:

"Your Apple ID does not support the expected services on this device. Contact your administrator to sign in"

All of our Apple IDs are managed and the domain is setup in Apple Business Manager. We have a ticket open with Jamf Support but wondering if anyone else has had this issue.

Current configuration:

This has worked before. We had these settings turned off for a while while we investigated (about 1.5 months).

iPhone 13 Pro Max running iOS 16.4.1.

Jordy-Thery · ‎04-19-2023

Did you verify the domain ownership in Apple Business Manager & upload the json file to your webserver (as described here: https://docs.jamf.com/10.41.0/jamf-pro/documentation/Account-Driven_User_Enrollment_for_Personally_O...)?

healthcareaa · ‎04-19-2023

I don't understand the need for a web server...

It's strange that Jamf and Apple would ask their customers to do this on their own. This has worked before without a web server setup.

Jordy-Thery · ‎04-19-2023

It's an Apple requirement, nothing Jamf specific but yes. You need to upload a file named 'com.apple.remotemanagement' (with the correct content) to the /.well-known/ folder in the root directory of the website of which you verified the domain in ABM.

If you run this terminal command:

curl -I https://yourcompanysite/.well-known/com.apple.remotemanagement

You need to receive an HTTP/1.1 200 OK and the content type needs to be Content-Type: application/json

Once that is ok your account driven enrollment should work.

healthcareaa · ‎04-19-2023

Thanks for the info. Just in disbelief that this is a requirement at all from Apple.

ajamfadmin1810 · a week ago

Where can we host this? in AWS? Running into this same issue

Jamf Nation Community

Account-driven BYOD Enrollment Failing