Enrolling a Virtual Machine in Jamf Pro

jarednichols
Honored Contributor

Hi all-

Been awhile since I've been round these parts. Trying to work out a scenario for a customer and I'm having a heck of a time getting a VM properly enrolled into Jamf Pro. I thought I was doing all the magic things needed, but perhaps missed something. 

  • Host platform: Intel (16" MacBook Pro i9)
  • Hypervisor: VMware Fusion Pro 12.2.3
  • Network: Bridged
  • Guest OS: macOS Monterey 12.3.1

in the VM's vmx file I have:

  • hw.model = MacBookPro16,1
  • smbios.use12CharSerialNumber = "TRUE"
  • serialNumber = C02CF0CVMD9R (very close to my actual serial number. The 9 at the end is a different digit on the actual hardware)

I thought those in the vmx file would allow MDM to function properly but when I do a user-initiated enrollment I get the CA profile, the MDM profile and that's it. In the computer's inventory I get "MDM Capability:No"

I feel like I must be missing something dumb as a result of being out of this game for awhile. Thanks!

1 ACCEPTED SOLUTION

jarednichols
Honored Contributor

So, I figured it out. When you set the VM up, before it ever fires up for the first time, you must set the parameters in the vmx file. If they aren't set right at first boot, there's no chance to set them correctly and have it function. You have to re-build the VM from scratch if you miss it before first boot. 

Best I can figure, there are places elsewhere where the serial, hw.model, etc are being set when the VM boots for the very first time, after which whatever is in the vmx file is ignored.

I've got the VM enrolled into Jamf properly now and MDM and pushing configuration profiles is working as you'd expect.

View solution in original post

10 REPLIES 10

jarednichols
Honored Contributor

Additionally, the jamfadmin user is never created, SSH isn't turned on etc.

mickl089
Contributor III

you can also manually enroll via https://yourcompany.jamfcloud.com/enroll

jarednichols
Honored Contributor

Yep, that’s the route I’m going but no love. 

mickl089
Contributor III

on intel devices with parallels i always used the first way you described, this worked for me good. with apple silicon it´s not possible anymore. but i used a real SN from an old device of us. but only this two lines:

devices.smbios.serial=XXXXXXXXXX

devices.mac_hw_model=MacBookProXX,X

Good point. Failed to mention this is all Intel. Post edited.

dhausman
Contributor

I had to do a few things in the VM Options on the VM under advanced then Configuration Parameters to get things to work.

I added the following configuration parameters:

board-id

hw.model

serialNumber

What is the board-id parameter? I'm not familiar with it. I do have in my current vmx file

'board-id.reflectHost = "TRUE"

I suspect maybe I need to set that FALSE and supply a board-id of some sort?

hw.model = MacBookPro16,4

board-id = Mac-A61BADE1FDAD7B05

jarednichols
Honored Contributor

So, I figured it out. When you set the VM up, before it ever fires up for the first time, you must set the parameters in the vmx file. If they aren't set right at first boot, there's no chance to set them correctly and have it function. You have to re-build the VM from scratch if you miss it before first boot. 

Best I can figure, there are places elsewhere where the serial, hw.model, etc are being set when the VM boots for the very first time, after which whatever is in the vmx file is ignored.

I've got the VM enrolled into Jamf properly now and MDM and pushing configuration profiles is working as you'd expect.