Jamf Nation Community

Don't see anything in the JSS log about that. In any case, the profiles are getting installed, it just isn't managing the preferences.

I'm having a similar problem. We had a couple of Managed Preferences set during our Jump Start, I then set up a Configuration Profile to do the same thing and removed the Managed Preferences. I cannot get the new profile to work consistently on our test machines.

In order to get the affected machine back in service, I'm going to back up the user's data and re-image the machine. I don't see much other choice, since this doesn't seem to have an easy answer.

Try ```
sudo jamf enroll

Then a restart. 

Once restarted, it may not be enrolled. So run the command again. 

If MDM cert is there then run: ```
netstat | grep tcp4

You should get something about apple courier & port 5223 if successful.

Nope, didn't work. My user still has access to all of the preference panes that I have restricted. Again, the profile is getting installed. The preferences just aren't being applied.

EDIT: Also, I know that MCX settings are somehow still being applied to the machine, because when I log into a newly-created user account, some preferences panes are hidden (not disabled), which is something that we used to manage with MCX before moving everything into configuration profiles. I have no idea where these settings are coming from, since they are no longer assigned in the JSS, and I have run```
dscl . -mcxdelete /Computers/localhost
dscl . - mcsdelete /Users/<myuser>
``` but the MCX settings continue to be applied.

@nextyoyoma, when you turned off the MCX settings in the JSS, did you set them to "Make this Preference unmanaged" or did you simply delete them from the JSS? Technically you're supposed to do the former. Doing the latter may get you into a situation like the one you're experiencing, where the settings may stick to a Mac that has had them applied already. That's not always the case, but I have seen "ghost" MCX settings that simply won't go away until the original MCX is set to Unmanaged and applied to the machine in question.

In addition to the dscl commands above that you ran, have you deleted the entire 'Managed Preferences' folder in /Library/ from the Mac and restarted?

@mm2270 - I initially did that, but once I was reasonably certain the "unmanaged" version of the preference had been applied to every machine, I unscoped the MCX prefs entirely.

I have tried deleting /Library/Managed Preferences, but the issue persists after restart.

Ok, issue persists even after re-imaging. Maybe this is because there were MCX preferences applied to the machine we used to generate our base image? If so, I guess we will never be able to reliably manage any preferences. Extremely frustrating.

EDIT: double post.

We had the same problem with Config Profiles being applied inconsistently last summer. We scripted what we could and abandoned the Config Profiles for now. We'll give it a try again when 10.9 is released.

Never found the MCX things we wanted to do were reliable either, so never used them.

@nextyoyoma - Since the MCX settings were applied when a new user was created, did you check to make sure the MCX preferences are not still in the /System/Library/User Template/ preferences.