Apple DEP enrollment if you skip wifi

New Contributor II

Question on scenario:

Have Apple macbook pro which is under DEP etc.,

  1. During initial setup of a macbook, it asks to join wifi which fine, connect to wifi then it checks itself into DEP and DEP says hey enroll into jamfpro which works and does all the magic in the background.

2. If you choose to skip wifi during initial setup and just continue setup offline, then eventually once logged into desktop and connect to wifi , it never goes in and checks DEP that it needs to be enrolled.

If we run manual command:

sudo profiles renew -type enrollment

Popsup with enrollment popup but user can still cancel it.

So question, how do we force enrollment on DEP devices that were setup on initial setup without wifi?



Contributor II

@esv I've observed mixed results when removing .AppleSetupDone and running through the Apple Setup Assistant after the fact. However, network connectivity is a strict requirement for proper DEP enrollment during the initial run of the Setup Assistant "out of the box".

You could also always perform a manual enrollment, however, you then sacrifice the benefits and features specific to a DEP enrollment.

New Contributor II
New Contributor II

That’s the actual behavior , and that I will be addressed with Catalina on the computers with T2 chip, It will work as it works in iOS now.It will need activation, so it will required to be connected to internet in order to work.

Honored Contributor

This has always had this behavior. If you select "This devices doesn't connect to the Internet," it bypasses DEP. This is because some macOS devices are air-gapped due to security reasons and may never actually talk to Apple servers over the Internet. So, you cannot force it, and it is for good reasons perhaps.

I personally also skip DEP for my Zoom Room Mac Minis. They cannot get the default config (it breaks auto login), so I must skip DEP and do OTA enrollment and assign it to the service account I had setup for them.

New Contributor III

@Victor.Barrera Very excited about Catalina and that feature for DEP.

Contributor II

@Victor.Barrera Curious as to where you noted that this feature would be introduced under macOS 10.15 for T2 devices?

Valued Contributor II


I don't think it's documented anyplace ... Apple has really dropped the ball with Catalina documentation... That said I am seeing the same thing as Victor in my testing..



Hence the issue with DEP and the problem with just sending devices straight to the end user like Apple want people to do; especially in schools and businesses. DEP is a solution to a problem that never existed in the first place.

Valued Contributor II

While I kinda understand... I disagree.. The security model has worked on the iPhone and It's needed for the macOS. I am a little upset that it has taken Apple this long to start locking the macOS.


New Contributor

I believe this is feature was never implemented. There is a DEP nag that happens after a certain point if you skip the WIFI setup, however, there is no amount of consistent time that this happens.