Posted on 06-09-2020 06:45 PM
I need someone help I noticed today that my CA Certificate on the certificate Details section is giving me the description but also gives me an error saying Not found in keychain
Posted on 12-09-2022 03:01 PM
I know this is an old thread, but I'm seeing this issue as well on our MDM Profile, but only for computers that aren't talking to Jamf anymore / throwing a 'Device Signature Error' when trying to run Jamf commands like policy or recon through terminal. Tried a sudo profiles renew -type enrollment, but didn't fix.
Posted on 12-09-2022 03:58 PM
If the machine is not talking to jamf you can try to remove the framework (sudo jamf removeFramework) keep in mind that sudo profiles renew -type enrollment only works on DEP-ABM enrolled computers.
Posted on 12-09-2022 04:38 PM
Thanks for the response. Did you ever figure out that keychain error for the config profile? I've found there can be multiple reasons for a computer can stop talking to Jamf. Migration Assistant can cause it, hardware changes can cause it. Heck, I had one recently that fell off Jamf management, would throw a 'Device Signature Error' when trying to run Jamf commands on it manually (just recon and policy update) - it turned out to be an old Garage Band Instruments.dmg policy we still had. Not sure how it was hosing Jamf on the computer, but I was able to recreate it elsewhere. The sudo jamf removeFramework has actually kinda screwed me in the past because it pulled the CA cert, but not the MDM profile, and it wouldn't let me re-enroll it properly via any method. My prefered method of fixing is a sudo jamf enroll -prompt. Or, using Jamf API to issue re-install the Jamf binary / 'self heal' - https://www.modtitan.com/2022/02/jamf-binary-self-heal-with-jamf-api.html
I had to resort to sudo jamf enroll -prompt to fix one computer, and even though that got it to check-in again and be properly managed again, the MDM profile still says keychain not found at the bottom under the 'SCEP Enrollment' section. So a little different than yours, but I just thought it was somewhat similar. I'm probably going to call Jamf support. Computer seems totally fixed, I just don't like how it says that keychain error. Our web filtering certificate config profile (Securly is the company) also throws a 'Error: Not found in keychain' on this computer. There wasn't that many google results for that error in a Jamf context (this was one of the few) so just figured I'd ask.