Big Sur laptops skipping account creation during DEP Enrollment

yungstump
New Contributor II

For the last month of so, 15% of our Big Sur laptop has been skipping account enrollment during the DEP process. It forces the user to land on an account login page with no credential to login. Upon checking into the computer entry in JAMF - the username is set to root.

This is a major issue for us right now and affects our zero-touch deployment. Did any of you guys see this issue recently and is there a fix?

25 REPLIES 25

gachowski
Valued Contributor II

Yep open a ticket with Apple please : )

https://www.jamf.com/jamf-nation/discussions/38791/intel-macbook-pros-not-creating-new-user-accounts#responseChild216970

yungstump
New Contributor II

What response did you get from Apple saying they know about the issue?

gachowski
Valued Contributor II

Nothing out of the normal ... we know about however have no idea when it will be fixed... and that was while 11.4 was in RC so I assume it's not fixed in 11.4 or AC would have asked me to test... : )

maristchris
New Contributor III

You state that it's about 15%...is it tied to specific units, or if you blow out and reinstall the same machine will it work correctly?

maristchris
New Contributor III

I came to look for a work around for the opposite issue...I can't get my intel mbp's to skip local account creation.

yungstump
New Contributor II

it will work if I reinstall the OS on the machine and deleting the entry in JAMF. Definitely a frustrating issue.

Garci4
New Contributor III

it will work if I reinstall the OS on the machine and deleting the entry in JAMF. Definitely a frustrating issue.

Has anyone seen this not be the case? I've been pointing folks to https://support.apple.com/guide/mac-help/erase-and-reinstall-macos-mh27903/mac but maybe instead of deleting the Volume group, need to wipe the SSD for this to reliably work? Just had two users with the issue even after wiping & re-installing.

gachowski
Valued Contributor II

I have seen the erase and reinstall the OS not work 3 times in a row .. the issue is random so it possible to have the uses see the issue back to back......IME : )

Garci4
New Contributor III

@gachowski same here, I was initially speculating that users may have just re-installed without wiping or that they need to wipe the SSD instead of just the volume group but not totally sure. Ended up just un-scoping from PSE for now...

binglenozumi
New Contributor II

Have you tried to reinstall those Mac and see if the same situation exist?

Garci4
New Contributor III

@binglenozumi not sure who you're asking but if you scroll up to the previous two responses you'll see a wipe & re-install strangely does not always resolve.

On interesting note, I was surprised to see the first mention of this on July 1st in the MacAdmins slack:
PI-009584
Jamf Pro fails to enforce account creation on computers during enrollment via a PreStage enrollment if a configuration profile with a Passcode payload is included with the PreStage.

msergi
New Contributor III

we were having this issue and I found that adding Location Services back into the Setup Assistant options instead of skipping resolved this

tak10
Contributor II

I'm having a reverse issue. I want to skip account creation since we use Jamf Connect and want the user to authenticate against Azure AD but it doesn't seem to Skip the account creation. I added the location services into the setup assistant so we will see. 

thomas_moser
New Contributor III

Still seeing the same issue with on-prem Jamf Pro 10.30.3 and Big Sur 11.5.2.
Does anyone have news to this?

In the meantime I will open tickets with Jamf and Apple and give an update if anything happens.
BR

gachowski
Valued Contributor II

I am still seeing it Monterey Beta 6... :  )  

michael_madsen
Contributor

I'm having this exact problem when I "wipe" a machine.

The way we wipe a machine is:

softwareupdate --fetch-full-installer


'/Applications/Install macOS Monterey.app/Contents/Resources/startosinstall' --eraseinstall --agreetolicense --forcequitapps --newvolumename 'Macintosh HD'

Once machine boots up, it will go through setup process, download our configuration profiles, but then either shut off the mac or go straight to login screen, where we only have our management user.

If instead, I boot into recovery and wipe the disk and reinstall, it appears to work just fine.

 

Hi,
we solved this issue by disabling the "Transfer Information" setup assistant option in our prestage enrollment.
So now our user see the setting during enrollment, but at least it works.
I can't say if the issue persists with Monterey, but at least with Big Sur we got rid of it.Screenshot.jpg

Hi Thomas

Thanks for this tip. I can confirm that this works for macOS Monterey (12.01)

It's still a bit of an annoying "hack" to have to do as the user may be confused what to do there until they see the skip button. But better than not having their account created.

jfisher
New Contributor II

There is another thread here: https://community.jamf.com/t5/jamf-pro/intel-macbook-pros-not-creating-new-user-accounts/m-p/251289#... too. I have always had Location, Privacy & Ts & Cs "unchecked" (meaning it shows). And two machines back to back behaved differently: a 13" pro out of the box and a 16" pro I wiped and am trying to repurpose. The 13" did not work the first time but worked the second and the 16" pro after three tries still isnt working. 

jfisher
New Contributor II

Hello again! I found this in another thread and I think it could be part of the problem (note the time limit): If you have auto advance turned on (for macOS 11 devics only, ethernet required) after 30 seconds at the first screen, setup assistant will skip through the screens itself until it gets to the login window and auto enroll the device in the process.

I am going to uncheck that box and try my 16" pro one more time... 

user-LYBGeLSLLt
New Contributor II

We have the same problem, nothing which was told in that conversation had helped us, is there anythink else, what we can do ?

jonguy1000
New Contributor

We have have been struggling with this as well. Jamf have acknowledged this is a known issue.

They suggested the following should provide a workaround:

Settings -> Global Management -> User-Initiated Enrollment -> Platforms

Untick "Create management account"

This is working so far for us.

gachowski
Valued Contributor II

 : ) just to give Jamf some love, it's really an Apple issue that they are not going to fix, so we/jamf have to use a work around.  : ) 

michael_madsen
Contributor

It appears that this was fixed in macOS Sonoma / Jamf Pro 10.50.

I just wipe a test mac 6 times in a row with "Transfer Information" checked in the pre-stage environment and I didn't run into this issue.

michael_madsen
Contributor

I'm not sure if this was a problem with macOS or Jamf, but it seems to be fixed with above versions.