Help

Enrolled via DEP: No (?? - YES!)

Go to solution
jsantiago
New Contributor II

Posted on β€Ž07-17-2018 10:41 AM

I am testing no-touch app installs and configuration with DEP Mac devices in JAMF.
I have a DEP Mac that I registered with JAMF and initially the device info did note that YES it was enrolled via DEP. After testing many settings I wiped the MAC and deleted the entry in JAMF so it can be configured as a new machine. However, thereafter, in the JAMF computer info, the info states that NO it was not enrolled via DEP. The thing is I have a smart group to add devices enrolled via DEP so now this workstation cant be added and the policies i have created that are tied to the smart group do not apply to this machine.
What is the trick to get JAMF to recognize that this mac was enrolled via DEP?
I also have one error come up: Command requires DEP enrollment: UserList <MDMClientError:74>
Thanks!
74fc4931b414474886202ebde4bc1fb2

Labels:
2 ACCEPTED SOLUTIONS

Go to solution
chriscollins
Valued Contributor

Posted on β€Ž07-17-2018 10:49 AM

I can't address why that is showing as no but my recommendation is to build your smart group around the criteria "Enrollment Method = PreStage enrollment: <name of prestage enrollment>" instead of using that Enrolled via DEP criteria. It will always be accurate. We set our smart group with that as the criteria and enrolled within the last day.

Also I just checked and I am pretty sure jamf gets that status of Enrolled via DEP from the profiles command.

sudo profiles status -type enrollment

I just checked and on a lot of machines that were enrolled via DEP its saying NO even though it was so the underlying profiles command might be giving back bad info.

View solution in original post

Go to solution
jsantiago
New Contributor II

Posted on β€Ž07-17-2018 11:26 AM

I believe I found the solution to the "Enrolled via DEP: No" issue.
In this case I was getting the following error: Command requires DEP enrollment: UserList <MDMClientError:74>
So I triggered DEP on an already configuered mac by running the following:

For lower than 10.13.4: sudo /usr/libexec/mdmclient dep nag

For 10.13.4 and higher: sudo profiles renew -type enrollment

This cleared all the profiles and re-registered it.
Now JAMF see "Enrolled via DEP:" as YES.

Still @chriscollins method is more reliable since it wont depend on this, which I just realized can break.

View solution in original post

13 REPLIES 13

Go to solution
chriscollins
Valued Contributor

Posted on β€Ž07-17-2018 10:49 AM

I can't address why that is showing as no but my recommendation is to build your smart group around the criteria "Enrollment Method = PreStage enrollment: <name of prestage enrollment>" instead of using that Enrolled via DEP criteria. It will always be accurate. We set our smart group with that as the criteria and enrolled within the last day.

Also I just checked and I am pretty sure jamf gets that status of Enrolled via DEP from the profiles command.

sudo profiles status -type enrollment

I just checked and on a lot of machines that were enrolled via DEP its saying NO even though it was so the underlying profiles command might be giving back bad info.

View solution in original post

Go to solution
jsantiago
New Contributor II

Posted on β€Ž07-17-2018 11:00 AM

Thanks @chriscollins !
That would solve my issue. Cheers

0 Kudos

Go to solution
jsantiago
New Contributor II

Posted on β€Ž07-17-2018 11:26 AM

I believe I found the solution to the "Enrolled via DEP: No" issue.
In this case I was getting the following error: Command requires DEP enrollment: UserList <MDMClientError:74>
So I triggered DEP on an already configuered mac by running the following:

For lower than 10.13.4: sudo /usr/libexec/mdmclient dep nag

For 10.13.4 and higher: sudo profiles renew -type enrollment

This cleared all the profiles and re-registered it.
Now JAMF see "Enrolled via DEP:" as YES.

Still @chriscollins method is more reliable since it wont depend on this, which I just realized can break.

View solution in original post

Go to solution
ben_hertenstein
Contributor

Posted on β€Ž07-25-2018 03:18 PM

A similar issue has been bugging me all day while preparing computers for incoming students. Thanks @chriscollins and @jsantiago

0 Kudos

Go to solution
carrie
New Contributor

Posted on β€Ž10-11-2018 02:41 PM

sudo profiles renew -type enrollment
sudo profiles status -type enrollment

Enrolled via DEP: No

still not working and ...

Enrollment Method: User-initiated - no invitation
I enrolled via the https://<jamfserver>/enroll

0 Kudos

Go to solution
a_holley
Contributor

Posted on β€Ž07-24-2019 06:03 PM

@jsantiago that worked for me, thanks! Just a note, I had to approve the MDM profile again which was ok because the machine was on my testing bench, but it won't work for our 600+ remote computers...

0 Kudos

Go to solution
mhegge
Contributor II

Posted on β€Ž12-12-2019 03:37 PM

Brand new Mojave iMacs (2, three more to go but am holding off...) - JAMF pro 10.12

Same issue: UserList <MDMClientError:74>

Enrolled via DEP: No

Devices are enrolled, have received all of their Policies and Config Profiles

All methods used above have had zero affect

0 Kudos

Go to solution
tjgriffin
New Contributor III

Posted on β€Ž12-13-2019 09:33 AM

I’m getting the same.
I run the profiles command and see no change in the JSS.

I’ve also removed the keychain.aspd file like some other discussions suggest.

Any help would be great.

0 Kudos

Go to solution
mhegge
Contributor II

Posted on β€Ž01-03-2020 07:44 AM

This is not resolved. Please update.

0 Kudos

Go to solution
arnokenis
New Contributor III

Posted on β€Ž05-20-2020 12:06 AM

I am starting to see this too, I have 60 computers with this issue and counting. Seeing it's been going on since 2018 I don't think this is ever solved?

0 Kudos

Go to solution
hung_cheng
New Contributor

Posted on β€Ž09-07-2020 01:27 AM

Same problem..

I also tried the below commands and it still doesn't work when I run the sudo jamf recon.

sudo profiles renew -type enrollment
sudo profiles status -type enrollment

Enrolled via DEP: No

still not working and ...

Enrollment Method: User-initiated - no invitation
I enrolled via the https://<jamfserver>/enroll

Any idea or update on this?

0 Kudos

Go to solution
hcodfrie
Contributor

Posted on β€Ž09-07-2020 07:32 AM

Are you admin on that machine?

0 Kudos

Go to solution
hung_cheng
New Contributor

Posted on β€Ž09-07-2020 11:08 PM

Yes. I have the admin account under the laptop.

0 Kudos
Jamf helps organizations succeed with Apple. By enabling IT to empower end users, we bring the legendary Apple experience to businesses, education and government organizations. Learn about Jamf.