Posted on 03-25-2019 09:25 AM
I have a Mac configuration profile with a scope set to a dynamic group.
It installed on all machines in that group.
I now have a machine that has left that group, but it still reports the configuration profile is applied. It's been a long time, so this is well after several reboots and inventory updates.
JAMF Pro 10.10.1
Older device 10.11.6
Thanks
Posted on 03-25-2019 09:32 AM
@CCNapier If you look at the Management tab for the computer record in Jamf Pro is the removal showing as pending or as having failed?
Posted on 03-28-2019 03:42 AM
Yes, completely forgot to look here!
Showing as failed.
Getting someone to go to the machine and resolve. Hopefully.
Thanks for the reminder!
Posted on 02-26-2020 03:44 PM
I'm having the same issue. We had setup a mobileconfig configuration for WiFi profile - we had removed this from our jamfcloud, yet under all machines it seems to be applying it (thought, reporting as failed) I can navigate to the profile in jamf, but as it has already been deleted there's no further options to edit/hard delete. How can we delete it fully so that we do not see these "errors" in our logs?
Thanks a lot :)
Posted on 02-26-2020 04:24 PM
We have been seeing the same thing for a while now and have found if you delete the profile before ensuring all clients have the profile removed correctly it will just continually fail.
I have even attempted to rebuild the profile and remove it but it will continue to show failures...
In general, we have been making sure the profile is not pending for any devices before deletion.
I have resorted to doing a failed command flush on lab devices where we were using our 8021x profile in question through the API.
see below, you will need to change the base64 encrypted string for your environment but I would suggest making sure you don't want to see the failed policies as it will clear them all. this is fine for us due to them just being labs. We run this on labs once per day.
#!/bin/bash
idtype=computers
status=Failed
jssurl=$(defaults read /Library/Preferences/com.jamfsoftware.jamf.plist jss_url)
#get the serialnumber
sn=$(system_profiler SPHardwareDataType | awk '/Serial Number/{print $4}')
#get the jamf pro id based off serialnumber
id=$(curl -ks --header 'authorization: Basic #################' -H "accept: text/xml" "$jssurl"JSSResource/computers/serialnumber/$sn | xmllint --xpath "computer/general/id/text()" -)
# force individual computer by replacing ID here and uncomment
# id=2641
#Delete pending & failed commands for the mac
curl -ks --header 'authorization: Basic #########################' -H "content-type: text/xml" "$jssurl"JSSResource/commandflush/computers/id/$id/status/$status -X DELETE