I have taken over the role of Jamf administrator in our organization. When setting up a new Mac that is in DEP, during initial boot we enter the AD userid and password of the user who is getting the machine. Shortly thereafter, we are prompted to enter a user account for the Mac. We generally enter our admin credentials here, but sometimes we get a message stating that this account name is invalid. The reason is because the hidden admin account is already created. I've looked in out Jamf Pro server and I can't find any policy that could be creating this hidden admin account. Is there something in DEP that could be creating it?
Solved! Go to Solution.
Can you check under Computers > PreStage Enrollments > Select the DEP that the device is popping up in
If you change this setting, remember that you'll need to completely wipe and re-enroll the device for it to take the new settings. My guess is the devices that work and the devices that don't work are in different DEP groups. You can check and already enrolled device group by going into the device on JAMF and looking in the General tab.
This is the group that the computer I just did this morning is in. There is nothing configured under Account Settings. It looks like all of our computers get put into this same group. We do have a few other groups under Prestage Enrollments, but there are no devices scoped to those groups, nor is anything configured for Account Settings in those other groups.