Help

Configuration profile - when it should apply

jameson
Contributor II

Posted on ‎01-03-2019 04:45 AM

I don´t know if there is a simple solution for this, but I cannot see any way

We have a configuration profile that ad a Machine certificate through AD CS. The issue is that when the mac is being enrolled, there in one of the first steps the user needs to pick a country and the mac is then re-named like AU-123456

However, the AD CS certificate has already been distributed to the machine before the machine has been renamed, so the certififcate is called like "admins macbook " etc
Is there a way to stop the AD CS to perform the certificate before the machine has been renamed ? or some kind of workarround to get this working ?

0 Kudos
Reply
3 REPLIES 3

znilsson
Contributor II

Posted on ‎01-03-2019 09:07 AM

This may not work for you, but I use a script to rename a Mac during provisioning, which occurs after login. I also have a smart group set to look for misnamed Macs that will just rename any badly-named Macs. If you can wait until later in the process to rename the Mac, maybe something like that might work?

0 Kudos
Reply

hkabik
Valued Contributor

Posted on ‎01-03-2019 09:32 AM

Have the rename process drop a dummy package or some kind of receipt. Then create a smart group based around the presence of that receipt. Then scope the Config profile to that smart group so it only triggers after the rename.

0 Kudos
Reply

jameson
Contributor II

Posted on ‎01-03-2019 09:49 AM

Thank you very much for input. Was just thinking to much instead just doing the simple smart group stuff :)

0 Kudos
Reply