So to start out with, my work is heavily secured and currently don't have APN or DEP up and running. It's in the works for the future but no available now. So currently, I created configuration profile, download it, package it, and push it to the user. I've been working on creating something better and need you help, since I'm almost there. The goal is to have something working until we can get APN and DEP running.
So our current imaging process uses user-enrollment done by techs on a special network. Everything is set up and computer is rebooted and given to user. During this process about 6 configuration profiles get put down via the packaging method.
Recently I was playing around with trying to get it working using actual pushes from the server. I've had luck using the following process:
1) Connect machine on special network
2)Enroll machine to JAMF Server
3)Disconnect from special server and put on outside network. This is done to enable the machine as a MDM capable in JAMF's eyes. Only keep it on outside network for about a minute.
4) Reconnect to special network and reboot. After rebooting the configuration profiles that I created are pushed down.
Not ideal..but it somewhat works. The thing I noticed is that if I add a configuration profile, or modify one....it doesn't get pushed right away (which makes sense due to lack of APN connection). But if I reboot the machine it gets it. Or in some odd circumstances if I leave the machine alone for about 4 hours it gets it as well.
So my question - what happens during the reboot that causes that push? Is it something that can be scripted so the reboot isn't needed? Seems like "sudo Jamf recon" and "sudo Jamf policy" aren't getting it....so is there a way to do it without rebooting?
As a Mac guy, rebooting seems like a co-out answer to things in a PC centric world...so I want to avoid it as much as possible.
