Configuration Profile Tool password prompt

nextyoyoma
Contributor

Sometimes my users will see a prompt for administrator password from configuration profile tool. When this happens, the machine is still able to run policies, and MCX settings still seem to be applied. There don't seem to be any noticeable consequences, but it brings students out of class to ask me what is wrong, and makes my teachers panic when they see it. Any ideas why this occurs?

8 REPLIES

cohawkeye
New Contributor

I'm just now migrating from WGM to Config Profiles and what nextyoyoma is experiencing is what I'm experiencing too. It's not a big deal from my end...just click cancel...but I want to know where the root cause is.

I assume it comes from Keychain which drives me nuts anyways. Could I just make Keychain a restricted software?

CS_MC
New Contributor

I receive this prompt as well. I don't know the password to enter here. Admin password does not work. If I click cancel and then check the system.log, I see repeated failed attempts to remove a manually installed configuration profile (exported from JSS).

jbmiller
New Contributor III

Was there any fix or resolution to this issue? I have been seeing this when my users log in since updating my lab machines to ML.

mm2270
Legendary Contributor III

I have to locate the other thread on this, but there is an explanation of the issue from the folks at JAMF. Essentially, it's related to a Mac receiving a push, such as a Configuration Profile. While it's getting the push, a temporary keychain is created, which only lasts a few moments. If the Mac goes to sleep in the middle of this small window, when it next wakes up, the keychain has expired and you get this message.
We see it on occasion too, and unfortunately this is for Apple to fix, not JAMF. While it's not a major issue (you can simply click Cancel and ignore it) I'm hoping they resolved this with the upcoming Mavericks. Time will tell.

glynn
New Contributor

Configuration Profile Tool (CPT) first popped up in my network just over a year ago when there were no discussion threads about it. Spent just over 1-1/2 months back then with multiple JAMF engineers support calls and Apple consultants on my end and we had no resolve. We ran tests until the cows came home, again with no resolve. CPT seems to come and go as well, just to add to the uncertainty of this issue.

Lucky for the above posted threads there seems to be no ramifications as far as they know if a user should put their credentials into the CPT prompt. My network is a different story, the behavior seems to be that if a user (student) enters credentials into the CPT prompt, it rips profiles off of the machine rendering it basically useless. Sometimes it's dock profiles, sometimes wifi profiles.

Communication between the affected device and the JSS seems to be intermittent and confusing. The device will check in as if it's being managed but you can't push any profiles or trigger commands to the device.

Like mentioned on the above thread, the launch agent is trying to access the keychain before the keychain is unlocked, so during the boot access it's trying to access it too soon and throws an error prompting you for credentials because it's not unlocked yet.

mm2270
Legendary Contributor III

Haven't heard yet if this will be addressed in Mavericks, but I believe JAMF's official stance is that this is indeed an OS X issue that Apple has to fix, not JAMF.

breedenm
New Contributor

I know this is a really old thread, but it's one of the first things that pops up when you google the CPT message and I have a potential solution.

Profiles can either be for user or system. User Profiles will ask for authorization where system will not. If possible, make sure you set the profiles for the system and you should be good.
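
For checking which exported profiles are user-level rather than system-level, here is an added example (not part of any post in this thread, and not JAMF's code). It assumes unsigned .mobileconfig plists and relies on the top-level `PayloadScope` key of Apple's profile format, which defaults to `User` when absent; the profile names and identifiers are constructed samples.

```python
import plistlib


def profile_scope(raw):
    """Return 'System', 'User' or 'Unreadable' for raw .mobileconfig bytes."""
    try:
        profile = plistlib.loads(raw)
    except plistlib.InvalidFileException:
        # Signed (CMS-wrapped) profiles are not bare plists; strip the
        # signature before auditing them.
        return "Unreadable"
    if not isinstance(profile, dict):
        return "Unreadable"
    # Apple's profile format treats a missing PayloadScope as User.
    scope = profile.get("PayloadScope", "User")
    return scope if scope in ("System", "User") else "Unreadable"


def audit(profiles):
    """Map each profile name to its scope, listing user-level ones first."""
    scopes = {name: profile_scope(raw) for name, raw in profiles.items()}
    order = {"User": 0, "Unreadable": 1, "System": 2}
    return sorted(scopes.items(), key=lambda item: (order[item[1]], item[0]))


def make_sample(identifier, scope=None):
    """Build a constructed, minimal profile plist for the demonstration."""
    profile = {
        "PayloadType": "Configuration",
        "PayloadVersion": 1,
        "PayloadIdentifier": identifier,  # constructed identifier
        "PayloadContent": [],
    }
    if scope is not None:
        profile["PayloadScope"] = scope
    return plistlib.dumps(profile)


# Constructed samples: one per case the audit has to distinguish.
SAMPLES = {
    "dock.mobileconfig": make_sample("com.example.dock", "User"),
    "wifi.mobileconfig": make_sample("com.example.wifi", "System"),
    "legacy.mobileconfig": make_sample("com.example.legacy"),  # no scope key
    "signed.mobileconfig": b"\x30\x82\x01\x00constructed-not-a-plist",
}

if __name__ == "__main__":
    for name, scope in audit(SAMPLES):
        print(f"{scope:10} {name}")
```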