Find Macs NOT assigned to a site

Unfortunately there is no criteria for "Assigned to Site" or something like that, so you won't be able to make a Smart Group or search for that, even if you are a global/full Jamf admin. *

This is something you can get from an API query though, so you might have to go that route.

* FWIW, I've always felt that a global Jamf admin should have access to such a criteria when searching. I understand why something like that wouldn't be valid for a Site admin, since by design, they can only see or pull up devices in their own site anyway, but if I'm a global admin then when shouldn't I be able to search by site? It's one reason the Site feature has left me wanting since its introduction. It feels half baked to me.

At my previous company, we just used a smart group where we left site as blank for the criteria and this showed us all computers not assigned to a site. We don't use sites where I current work, so I can't create a screen shot to show the search or test that this still works as expected.

When I used Sites on a previous client, I made enrollment accounts based on Sites so as to have a way to segregate them...it worked well, but it's kinda moot if you've already been enrolled. 

We did this for companies with lots of smaller groups that we needed to deliver different configs to. 

I had a similar issue. I made a post about a workournd I created here: https://community.jamf.com/t5/jamf-pro/custom-extension-attribute-based-on-site/m-p/228424#M216665

Basically I created a custom extension attribute named "Site". Then I used an API script to read the site of each computer, and write the data to that EA. Then you can use that EA in searches or groups. There's not a great other way to do it. 

As mm2270 mentioned, this isn't a feature of Jamf Pro -- even though there's numerous Feature Requests asking for it for years....

You can do this several different ways:

1. Create an Extension Attribute that you assign the devices' current Sites to that EA and then you can utilize that EA in an Advanced Search like you normally would any other criteria item.  You could do this one of three ways:

   1. Create a Config Profile with a custom payload domain (e.g. org.my.AboutMac) and include the Site variable in a dictionary <dict><key>Site</key><string>$Site</string></dict>) which you can then simply use defaults read /Library/Managed\\ Preferences/org.my.AboutMac.plist Site in an EA Script to collect the EA

      1. However, this isn't dynamic if you have devices that switch between Sites; i.e. it will never change or if you devices that aren't actively checking in, it won't work -- and this only works for Macs

   2.  Create a Policy, as swapple mentioned, that writes the Site to a file and collect the info via the method above
   3. Run a script that sets this value on every device using the API. This is what I do and have shared before and others utilize. Here's my script: jamf_assignSiteEA.ps1; some notes:

      1. This is a PowerShell script as I run it on a Windows box that runs other automated tasks that my team has setup

         1. It runs nightly and dumps to a log file for review

         2. It checks if the current Site is the same as the Site EA; if it is, it does nothing, if it isn't, it updates the Site EA

            1. Duplicate records will cause an issue here -- the API cannot handle this

            2. Every time the API is used to change a device record, Jamf Pro acts like that is a "Inventory Update" even though it isn't -- this is a known issue with Jamf Pro that Jamf has yet to fix even though there are numerous Feature Requests asking for it

2. Create a Smart Group in each Site with zero criteria items. This will give you a managed device count for that Site.

   1. I don't like to suggest creating Smart Groups that will be used for reporting....and remember you'll need two Smart Groups per Site (one for computers and one for mobile devices) for nothing more than this need will cause unnecessary overhead in your Jamf Pro Server.