Apple iMac enroll not working

PaulL
New Contributor

Hi Folks,

I'm new to jamf, and just using it as a software developer because our customers want us to integrate to it, so our instance serves as test data for developing integrations.

I've got a couple of iphones enrolled fine.

When I try to enroll an apple laptop, I go either to https://myinstance.jamfcloud.com/enroll, or I can use the link provided by jamf when you create an invitation, which is basically the same.. https://myinstance.jamfcloud.com/enroll?invitation=somelongnumber

So I get to the enrollment screen, it says "Assign to user", so I put a user name in that box, but when I click "Enroll" nothing happens. The screen just says there as if the enroll button had not been clicked.

thanks

Paul

 

11 REPLIES 11

obi-k
Valued Contributor II

The first link should work. For the user name, does this account have enrollment rights in your Jamf Pro? Can you use another account?

AJPinto
Honored Contributor III

If you are not connected to AAD or LDAP I have noticed JAMF Cloud likes to hang when you attempt to assign to user during Device Enrollment. Try leaving that field blank and assigning the device within the JAMF Console after enrollment.

PaulL
New Contributor

The account I used was my email address, which is the site administrator. In user accounts and groups, it says:

 

Username Full Name Email Type Access Privileges

EMAIL ADDRESS
My NameEMAIL ADDRESSStandard UserFull AccessCustom

 

I also created an invite with that same email address.

thanks

 

obi-k
Valued Contributor II

Do you use Apple Business Manager? Worth a look if the iMac has a T2.

https://support.apple.com/guide/apple-configurator/welcome/ios

PaulL
New Contributor

I don't think so. I just want to get the Apple into the "Computers" list in Jamf cloud so that we have some test data to play with for developing API integration. The apple is pretty much brand new and nothing has been installed on it

 

Would installing apple business manager fix this ?

AJPinto
Honored Contributor III

If your goal is to manage Macs (or to fully manage iOS devices), then yes you need Apple Business Manager. However there is much more to it then that. 

 

Apple Business Manager is needed for Automated Device Enrollment, and to identify an Apple product as organizationally owned. Apple Business Manager is NOT needed for (manual) device enrollment, however when using this enrollment method you leave quite a few management options on the table as Apple identifies the device as personally owned.

 

Apple Business Manager is not the cause of the issues you are seeing. JAMF has no way to validate the user info, so its hanging.

PaulL
New Contributor

Thanks, yes we don't want to manage devices, we just want some data in jamfcloud so that we can do api development work.

It seems strange that JAMF would just hang or do nothing when I click the enroll button. Do you know if it's ok to use the same password here that I use to log into jamf cloud ? .. or should I create a separate account somwhere in jamfcloud with a different email and password  ?

 

AJPinto
Honored Contributor III

If you have login required to enroll, it would be either a LDAP account (assuming you have LDAP setup) or a local JAMF Cloud Account (it still needs to be local if you have AAD or SSO setup as enrollment does not check that). The Local account you are using needs enrollment privileges. 

 

The most direct way to do it:

  • Navigate to https://name.jamfcloud.com/enroll
  • Enter the credentials of a user that can enroll a device
  • do not assign to a user, click enroll
  • add the MDM Profile in system settings

If you still have issues, make sure that you have User-initiated enrollment for Macs enabled in JAMF Settings. If it is enabled, check the JAMF logs.

AJPinto_0-1686747975972.png

 

PaulL
New Contributor

Thanks, this is still the same sadly.

PaulL_1-1686749625612.png

I created that user above using my hotmail within jamfcloud, ensured it has enroll permissions.

When I click Enroll, it just sits there and does nothing just like you see above.

The settings look about the same as above

PaulL_0-1686749418695.png

 

AJPinto
Honored Contributor III

Don't enter anything there, just leave it blank.

 

That box tells JAMF to do a Cloud Identity Provider (AAD) or LDAP (AD) lookup. If you don't have those services configured it just hangs as there is no where to check the identify of the user. If you do have those services connected, use your ID or whatever attribute mapping you have setup, typically it would not have @domain.com unless you have that mapped to ID for some reason. 

 

One quick comment. JAMF Nation is not an IDP for JAMF Cloud. Your JAMF Nation Account ≠ your JAMF Cloud Account.

PaulL
New Contributor

ha I thought it would be a noobie type problem, it was :)

Its moved on now. Thanks for your help.