new iMac M1 devices ready to deploy to a University teaching lab.
No problems with DEP/Prestage.
This is all about 1st logins using Directory Accounts (AD).
Config profile already skips Apple ID and Siri setup windows for each new user. But we need more. Not seeing these options in LoginWindow payloads for new Config profile, even though JAMF is supposed to have provided zero day support for Big Sur.
I added some comments in italics
We need to skip:
1. Accessibility. Changed my mind on this. That one can stay at each new user login. It's actually a good thing to keep for ADA compliance.
2. Data and Privacy This is already covered by our login banner and seems redundant
3. Touch ID Changed my mind on this one. Although it can't be used for initial login, it is very handy for unlocking screen. Just they have to do this for each Mac that they login to. There will be at least one person who will think it works on a computer that they didn't set it up on, however.
4. Choose Your Look I prefer that they all look the same because it makes it better for a teaching environment.
5. TrueTone Display Sure TrueTone is good. Just make it the default
AD logins over wifi using 802.1x profile are already slow enough. The goal is no more than 20 seconds from credential input to functioning desktop. User accounts and corresponding homedirs are deleted periodically using the jamf binary to keep the computers lean, and people can't count on using a Mac that they used the day before, so there will be a lot of "new user" logins.
