- Jamf Nation Community
- Products
- Jamf Pro
- Re: Best Workflow for Testing Prestage Enrollment
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2022 11:22 AM
Hello All,
If there is already another thread dedicated to this please point me in that direction, I don't mean to duplicate them.
I'm very new to Jamf prestage enrollments, so I am doing a lot of testing. Basically I have taken one of our new Macbooks out of the box and am using it as the testing device. I have been enrolling it, then making changes, then wiping from Jamf Pro, then enrolling again. Sometimes this works as if the computer is new out of the box and sometimes it doesn't. Many times it is as if Jamf remembers the machine even though I delete it. I have also tried unassigning the device in apple manager, sometimes this works sometimes not.
Does anyone have a workflow for this that works every time? Basically I want to enroll the device see what happens, then make changes and do it again.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2022 11:33 AM
Try changing this setting in your Jamf Pro settings:
Jamf Pro Settings -> Re-enrollment -> Clear policy logs on computers.
By default, Jamf remembers the policies your computer has run, even through a re-enrollment. So any policies you have set less than re-occurring, may not run again. For example, "Once per Computer" will never run again until you flush the policy logs. By setting this option, all the policy logs will be flushed when a computer is re-enrolled, so all policies should run again.
Deleting the computer should accomplish the same thing, but I know I don't always remember to do that. (Plus, then you lose any assignments to Static Groups you might have, which is important in my case.)
Also, if you are on Monterey or Ventura and have a comptuer with a T2 or M1/M2 chip, I suggest using Erase All Contents and Settings in System Preferences/Settings to wipe the computer. It is the fastest option.
Reply
8 REPLIES 8
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2022 11:33 AM
Try changing this setting in your Jamf Pro settings:
Jamf Pro Settings -> Re-enrollment -> Clear policy logs on computers.
By default, Jamf remembers the policies your computer has run, even through a re-enrollment. So any policies you have set less than re-occurring, may not run again. For example, "Once per Computer" will never run again until you flush the policy logs. By setting this option, all the policy logs will be flushed when a computer is re-enrolled, so all policies should run again.
Deleting the computer should accomplish the same thing, but I know I don't always remember to do that. (Plus, then you lose any assignments to Static Groups you might have, which is important in my case.)
Also, if you are on Monterey or Ventura and have a comptuer with a T2 or M1/M2 chip, I suggest using Erase All Contents and Settings in System Preferences/Settings to wipe the computer. It is the fastest option.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2022 11:49 AM
Thanks for the advice. I have everything checked in re-enrollment. Could you give me more information about where to find Erase All Contents and Settings? Is it in Jamf or on the device?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2022 11:54 AM
Nevermind. I found it!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-31-2022 12:02 PM
This is going to save me so much time!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-01-2022 09:59 AM
Where did you find the erase contents?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-01-2022 11:12 AM
On the new Macs, if you open System Preferences click the word System Preferences in the top toolbar, you'll see it in that menu.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-01-2022 12:45 PM
Thanks, we are mostly still Intel machines. I'll look out for it in the future.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-03-2022 06:25 AM
As Tribruin mentioned, it is also there on Intel Macs with the T2 security chip.
A work around for testing older Intel Macs can be to open Terminal before enrollment in setup assistant and press ⌃ Control + ⌥ Option + ⌘ Command + T and then type tmutil localsnapshot
What this will allow is for you to snap the Mac back to that state in recovery in a matter of minutes. The only downside is that the local snapshot only sticks for 24 hours. But when verifying a DEP-notify etc kind of setup for functionality across different generations, it definitely saved me a lot of time.
Reply
