Jamf Nation Community

Bendelaat · ‎11-28-2013

I'm trying to get some profiles on my VM's, running on a esxi platform. when i make a empty profile at system level it get's pushed fine to my "regular clients" MBP etc. the profiles never appear in my VM's.

i tried to

jamf removeMDMProfile

jamf manage

on all VM's i have the MDM Enrolment profile so it seams they get pushed like they should.
the VM's are in the same subnet as my other clients so network issues are unlikely.
the following telnet tests are fine.

telnet 1-courier.push.apple.com 5223

telnet gateway.sandbox.push.apple.com 2195

telnet gateway.push.apple.com 2196

i'm at a loss, i see no reason why it shouldn't work.

who can help?

rtrouton · ‎11-29-2013

Virtual machines don't seem to work with Apple's push notifications. I'm not certain of the "why", but I suspect it's because OS X VMs generally have serial numbers that were not generated by Apple.

In my VM testing, I've found that anything involving having a Apple-registered hardware serial number / sending hardware serial number back to Apple doesn't work in VMs. This includes iCloud services like Find My Mac and Messages and it also applies to getting hardware-specific OS installers via Recovery HD. It may also apply to profiles whose installation relies on Apple's APN service sending a push notification.

One thing you could try is exporting the profiles from your Casper server and installing them using the profiles command. If installing the profiles works using the command-line installation method, then your issue is APN.

View solution in original post

dlondon · ‎11-28-2013

My work mate here has had the same problem. He thinks the OS knows it's on a VM and so doesn't allow the Configuration Profiles.

Looking forward to someone out there showing that he is wrong :)

Regards,

David

Bendelaat · ‎11-29-2013

David your mate might be correct, all my VM's have a different UUID than regular macs, they're all like

**00000000-0000-1000-8000**-000C29510BFB

not sure if this is related. anyone else seeing this?

rtrouton · ‎11-29-2013

Virtual machines don't seem to work with Apple's push notifications. I'm not certain of the "why", but I suspect it's because OS X VMs generally have serial numbers that were not generated by Apple.

In my VM testing, I've found that anything involving having a Apple-registered hardware serial number / sending hardware serial number back to Apple doesn't work in VMs. This includes iCloud services like Find My Mac and Messages and it also applies to getting hardware-specific OS installers via Recovery HD. It may also apply to profiles whose installation relies on Apple's APN service sending a push notification.

One thing you could try is exporting the profiles from your Casper server and installing them using the profiles command. If installing the profiles works using the command-line installation method, then your issue is APN.

Bendelaat · ‎01-01-2014

@rtrouton i have to agree with your assessment, thanks for sharing as i was going nuts trying to figure this out.

i'll mark your answer as "Answer"

thanks

Josh_S · ‎04-05-2014

Hopefully this info helps other people struggling with this. There is a workaround to get push notifications to work on Mac OS computers hosted on ESXi, you need to get a shorter serial number. The ones generated by default are just too long to work with Apple's push notification service. ESXi 5.5 allows generating a 12 character serial number, I don't believe this works with 5.1 or earlier.

The trick is to enter the following key/value pair into the vmx file.

"SMBIOS.use12CharSerialNumber" = "TRUE"

You can also do this in vSphere Client:
1. Shut down your VM.
2. "Edit virtual machine settings"
3. "Options" tab.
4. "Advanced" > "General"
5. "Configuration Parameters" : "Configuration Parameters..."
6. "Add Row"
7. Name: SMBIOS.use12CharSerialNumber
8. Value: TRUE
9. "OK" : "OK" : "Power on the virtual machine"

In my testing, making this change immediately enables MDM. No jamf manage/recon needed. On next recon, the serial number will update in the JSS. I only tested in Casper 9.3, I don't know how previous versions will work.

libertyuniversi · ‎07-30-2014

I'm using VMWare Fusion 5. I opened the imageName.vmx file and added:

SMBIOS.use12CharSerialNumber = "TRUE"

Now the model number is shorter and it installs my configuration profiles.

jwinkler · ‎08-31-2017

In my case the generated serial contained an "+".
I just adjusted the serial manually in the vm settings using

serialNumber = "SERIAL-NUMBER"

I simply replaced the + with an letter.

m3ir · ‎10-29-2019

ESXi 6.7, Mojave 10.14.6 vmx
added 2 rows under vSphere client:
SMBIOS.use12CharSerialNumber = TRUE
serialNumber = "SERIAL-NUMBER"

still can't get the machine enroll on Jamf Pro 10.16 .
any suggestions?

Kind Regards,
Meir

ericstrom · ‎03-22-2021

I just had the same issue with my VirtualBox Mac running Catalina. I had set the serial number to a three digit serial which resulted in the configuration profiles not getting installed on the machine. I changed to a 12 character made up serial number and it worked.

VBoxManage setextradata "Catalina" "VBoxInternal/Devices/efi/0/Config/DmiSystemSerial" "XXXXXXXXXXXX"

Jamf Nation Community

Configuration Profiles on Virtual machines