You've got to setup User Initiated Enrollment. Once that is setup, you should be able to setup a Prestage enrollment. You'll be setting up a hidden admin account under the platforms tab.

This feels weird to me. Are your machines in DEP? How are you enrolling them into JAMF currently?

I logged in with an Admin credentials, setup the prestage enrollment, assigned it to my site. Logged out and logged back into my site. When i click 'prestage enrollment' i do not see the prestage enrollment i setup.

I use a quick add package when enrolling my site computers. My department buys the computers from the Apple store and then we use a quick add package

Looks like our Casper mgmt is evaluating/testing DEP. I was hoping for a script to suppress these Catalina prompts. Similar to scripts that are available for High Sierra, Mojave

https://github.com/rtrouton/rtrouton_scripts/tree/master/rtrouton_scripts/disable_apple_icloud_data_privacy_diagnostic_touch_id_siri_activation_lock_and_screentime_pop_ups

This might be what you need

You might need to modify the script though as the user template location has moved in Catalina.
It now resides at /Library/User Template/ instead of /System/Library/User Template/

@tcandela Yeah, thought I could help. We're in DEP so I've never had to mess with this :)

@drtaru I'll give it a shot. below is what i changed.

I just copied/pasted this (disable_apple_icloud_data_privacy_diagnostic_touch_id_siri_activation_lock_and_screentime_pop_ups.sh) into my editor to use as the script i'll use.

for USER_TEMPLATE in "/System/Library/User Template"/
changed to this below 'simply just deleted '/System'
for USER_TEMPLATE in "/Library/User Template"/

I get the following policy details after having the script apply to a 10.15 computer. So it looks like it didn't make changes to the 'user template' but the second part looks to have worked on not having the login popups appear for current users who have yet to logon.

BUT i created a new user afterwards and did not get any login popups. So not sure what these 'could not write domain' happened

Script result: 2019-10-22 14:29:39.962 defaults[1089:5334] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:39.979 defaults[1091:5338] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:39.995 defaults[1093:5345] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:40.012 defaults[1094:5348] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:40.028 defaults[1095:5351] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:40.043 defaults[1096:5354] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:40.058 defaults[1097:5357] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:40.074 defaults[1098:5360] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:40.090 defaults[1100:5366] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting
2019-10-22 14:29:40.106 defaults[1102:5373] Could not write domain /Library/User Template/__permissions.plist/Library/Preferences/com.apple.SetupAssistant; exiting

could it be because the com.apple.SetupAssistant.plist is at

/Library/User Template/English.lproj/Library/Preferences/com.apple.SetupAssistant

the script does not fully give the correct path? (see below)

/usr/bin/defaults write "${USER_TEMPLATE}"/Library/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool TRUE

I'd recommend using profiles over scripts these days. I've got some that should do the same job:

iCloud: https://github.com/rtrouton/profiles/tree/master/SkipiCloudSetup
ScreenTime: https://github.com/rtrouton/profiles/tree/master/SkipScreenTimeSetup
Siri: https://github.com/rtrouton/profiles/tree/master/SkipSiriSetup
Dark or Light Appearance: https://github.com/rtrouton/profiles/tree/master/SkipDarkorLightAppearance

Yep I missed the English.lproj folder, thats my fault.
Correct path would be /Library/User Template/English.lproj/

Any chance we could get the completed corrected Catalina script posted?

Also for the Profile usage is there a document you could link on how to import/distribute the profile to end user devices after the OS is updated/installed.

#!/bin/bash

# Determine OS version
osvers=$(sw_vers -productVersion | awk -F. '{print $2}')
sw_vers=$(sw_vers -productVersion)

# Determine OS build number

sw_build=$(sw_vers -buildVersion)

# Checks first to see if the Mac is running 10.7.0 or higher.
# If so, the script checks the system default user template
# for the presence of the Library/Preferences directory. Once
# found, the iCloud, Data & Privacy, Diagnostic, Touch ID, Screentime
# Activation Lock and Siri pop-up settings are set to be disabled.

if [[ ${osvers} -ge 7 ]]; then

 for USER_TEMPLATE in "$3/Library/User Template/English.lproj/"*
  do
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool TRUE
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant GestureMovieSeen none
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant LastSeenCloudProductVersion "${sw_vers}"
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant LastSeenBuddyBuildVersion "${sw_build}"
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant DidSeePrivacy -bool TRUE
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant DidSeeTrueTonePrivacy -bool TRUE
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant DidSeeTouchIDSetup -bool TRUE
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant DidSeeSiriSetup -bool TRUE
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant DidSeeActivationLock -bool TRUE
    /usr/bin/defaults write "${USER_TEMPLATE}"/Preferences/com.apple.SetupAssistant DidSeeScreenTime -bool TRUE
  done

 # Checks first to see if the Mac is running 10.7.0 or higher.
 # If so, the script checks the existing user folders in /Users
 # for the presence of the Library/Preferences directory.
 #
 # If the directory is not found, it is created and then the
 # iCloud, Data & Privacy, Diagnostic, Touch ID, Screentime
 # Activation Lock and Siri pop-up settings are set to be disabled.

 for USER_HOME in "$3/Users"/*
  do
    USER_UID=`basename "${USER_HOME}"`
    if [ ! "${USER_UID}" = "Shared" ]; then
      if [ ! -d "${USER_HOME}"/Library/Preferences ]; then
        /bin/mkdir -p "${USER_HOME}"/Library/Preferences
        /usr/sbin/chown "${USER_UID}" "${USER_HOME}"/Library
        /usr/sbin/chown "${USER_UID}" "${USER_HOME}"/Library/Preferences
      fi
      if [ -d "${USER_HOME}"/Library/Preferences ]; then
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool TRUE
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant GestureMovieSeen none
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant LastSeenCloudProductVersion "${sw_vers}"
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant LastSeenBuddyBuildVersion "${sw_build}"
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeePrivacy -bool TRUE
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeTrueTonePrivacy -bool TRUE
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeTouchIDSetup -bool TRUE
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeSiriSetup -bool TRUE
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeActivationLock -bool TRUE
        /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeScreenTime -bool TRUE
        /usr/sbin/chown "${USER_UID}" "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant.plist
      fi
    fi
  done
fi

exit 0

This is what I came up with. I believe it is correct now.

@j.catlin When posting a script please use the ``` (triple back-tick) tag before and after the script to designate it's a code block and prevent the forum software from mangling the display.

We use this and it works pretty well. https://github.com/MagerValp/SkipAppleSetupAssistant

@j.catlin this is what i use, but when i have the mac joined to AD and a person logs in the first time they still get prompts. So basically it doesn't work. What i see different in your script is the beginning of each FOR loop. Is yours working? if so, must be the for loop difference

I just logged into a Catalina AD Joined and it went through privacy setup, siri setup, and a couple others. Gonna have someone else login and write down the exact prompts that popup

# Determine OS version osvers=$(sw_vers -productVersion | awk -F. '{print $2}') sw_vers=$(sw_vers -productVersion)

Determine OS build number

sw_build=$(sw_vers -buildVersion)

Checks first to see if the Mac is running 10.7.0 or higher.

If so, the script checks the system default user template

for the presence of the Library/Preferences directory. Once

found, the iCloud, Data & Privacy, Diagnostic, Touch ID, Screentime

Activation Lock and Siri pop-up settings are set to be disabled.

if [[ ${osvers} -ge 7 ]]; then for USER_TEMPLATE in "/Library/User Template"/ do /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool TRUE /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant GestureMovieSeen none /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant LastSeenCloudProductVersion "${sw_vers}" /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant LastSeenBuddyBuildVersion "${sw_build}" /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant DidSeePrivacy -bool TRUE /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant DidSeeTrueTonePrivacy -bool TRUE /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant DidSeeTouchIDSetup -bool TRUE /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant DidSeeSiriSetup -bool TRUE /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant DidSeeActivationLock -bool TRUE /usr/bin/defaults write "${USER_TEMPLATE}"/English.lproj/Library/Preferences/com.apple.SetupAssistant DidSeeScreenTime -bool TRUE done # Checks first to see if the Mac is running 10.7.0 or higher. # If so, the script checks the existing user folders in /Users # for the presence of the Library/Preferences directory. # # If the directory is not found, it is created and then the # iCloud, Data & Privacy, Diagnostic, Touch ID, Screentime # Activation Lock and Siri pop-up settings are set to be disabled. for USER_HOME in /Users/ do USER_UID=basename "${USER_HOME}" if [ ! "${USER_UID}" = "Shared" ]; then if [ ! -d "${USER_HOME}"/Library/Preferences ]; then /bin/mkdir -p "${USER_HOME}"/Library/Preferences /usr/sbin/chown "${USER_UID}" "${USER_HOME}"/Library /usr/sbin/chown "${USER_UID}" "${USER_HOME}"/Library/Preferences fi if [ -d "${USER_HOME}"/Library/Preferences ]; then /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeCloudSetup -bool TRUE /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant GestureMovieSeen none /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant LastSeenCloudProductVersion "${sw_vers}" /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant LastSeenBuddyBuildVersion "${sw_build}" /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeePrivacy -bool TRUE /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeTrueTonePrivacy -bool TRUE /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeTouchIDSetup -bool TRUE /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeSiriSetup -bool TRUE /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeActivationLock -bool TRUE /usr/bin/defaults write "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant DidSeeScreenTime -bool TRUE /usr/sbin/chown "${USER_UID}" "${USER_HOME}"/Library/Preferences/com.apple.SetupAssistant.plist fi fi done fi

@j.catlin i made the changes to both 'for loops' and will test on another computer. I have the script run on enrollment with priority 'after'. both for loops are below

for USER_TEMPLATE in "/Library/User Template"/* Changed it below 2/26/2020

for USER_TEMPLATE in "$3/Library/User Template/English.lproj/"*

for USER_HOME in /Users/* Changed it below 2/26/2020

for USER_HOME in "$3/Users"/*