Jamf Nation Community

@bbarciz I use a Configuration Profile (not the same one Rich posted in the article, but the setting is still the same)

It does seem to be working nicely for us as a configuration profile as well. 

Just curious - how to you normally create your config profiles?  Just looking for general suggestions to see if you have a better method than searching the internet for something that looks to do what I want.

Thanks for all your help!

bbarciz, can I ask what you ended up using for a config? I have been wrestling with this with new M1s on Monterey and rtrouton's config doesn't seem to be doing it for me. 

Well...... Your reply made me go back and do a dive into this setup.  I really thought that it had been addressed in my environment for new users, but apparently I was wrong lol.  I believe that my comment above was only actually meant for when a new computer was going through pre-stage enrollment, and not actually when a new user logs in.  I verified that I did receive the prompt as a new user on a machine.  Sorry for my previous mis-leading reply :-( 

What has been your experience trying the config from rtrouton?

Gotcha.  I went and did find a previous task that I had closed out where I said I have a configuration profile setup for this and it was working.  I can't find it in Jamf though so maybe I accidentally deleted it.  I will try to setup the profile and see if I have any luck and give you an update.

Thanks

I had a chance this morning to re-setup the configuration profile and deploy it to a classroom that has M1 Macs in it.  This seems to be working properly for me.  On a computer where I do not have a user account already created, the setup touch ID step is skipped.  One thing that I did notice, is that the window tries to load for just a couple of seconds on the screen, but it never actually loads the contents of the window.  It just displays an empty rectangle where it would have the start of the steps and then disappears with no further interaction. 

For creating this profile, I used the iMazing Profile Editor software.  The option is in the interface, you enable it and then give it the other info and save it out.  Then you import this into Jamf.  I'm sure you could do this by hand though since it is a short profile.

This is the mobileconfig profile when opened in BBEdit:

This is what is shown in System Preferences - Profiles:

 Hopefully that helps!

I think I am missing something. I don't normally use iMazing and am having trouble going from it into JAMF with any success. Are you able to export the actual mobileconfig?

I also just recently found out about iMazing.  Yes, once you configure the setting(s), you do a file - save (as) and that will give you a file that you will import into Jamf's Configuration Profile area using the upload option (instead of the new option).

I don't think I have missed anything based on your description, but it still won't work. What are you using for the Preference Domain? I was using 'com.apple.SetupAssistant'

That is what I have put in the "Identifier" field in iMazing.  In the .mobileconfig file, it is listed in the "PayloadIdentifier" string value field.

I will also look at this as well. Thanks for the reply.

So, I never put any thought into this at all until this reply.  I wonder if it is a difference in laptops vs desktops?  The M1 iMacs that we got in have the keyboard with Touch ID capability and that is what are in the lab that I was trying to have it disabled in.  I have not tried to do anything with this on MacBooks though.  Maybe that is why the results are different.

I was out for a couple days, so when I got back I read everything you replied with (thanks for taking the time), and when you wrote this I had "ahhhhhhh crap!" moment. I bet you that has a lot to do with it. It's like when you plug an external display into a Mac. Only then do your "Arrangement" choices show up under Display Prefs. This seems like the same sort of selective menu acknowledgment that the OS likes to do.

Yes I agree, only show options when the hardware is connect that supports it has both advantages and disadvantages!  Good luck, hopefully you can figure something out for your environment!

Thank you