Help

Initiating "jamf removeFramework" from a policy

rgsteele
New Contributor

Posted on ‎01-23-2023 09:58 AM

We have some Macs that were "gifted" to departing staff and I need to remove them from management without wiping them. I am referencing the Unmanaging Computers from Jamf Pro article but it assumes having physical or direct network access, which I don't have. Is it possible to effect this using a Policy?

I was thinking I could use the "nohup" utility to allow the commands to continue running without being terminated as the Jamf utility itself is removed. Something like this:

nohup bash -c "sleep 30; jamf removeMDMProfile; jamf removeFramework; reboot" &

This seems to work if I initiate the Policy from Self Service, but not if it is triggered by the Recurring Check-in. What am I missing?

0 Kudos
3 REPLIES 3

sharriston
Contributor III

Posted on ‎01-23-2023 11:28 AM

I struggled with this for years and it still never worked quite right. The method I ended up going with is Jamf policy installs a launchagent and a script that just has 

sudo jamf removeFramework

 Then forces a reboot. So basically on check in the launchagent gets installed and the script, it prompts the user to reboot, once they reboot the launch agent runs the script. 

 

I will say it never worked 100%. 

sudoErase
New Contributor III

Posted on ‎01-25-2023 08:19 AM

Personally, I think you should run a Wipe command instead of sudo jamf removeFramework then remove from ABM and Jamf 

0 Kudos

rgsteele
New Contributor
In response to sudoErase

Posted on ‎01-25-2023 08:59 AM

I have considered the "wipe" option, but I would need to somehow make contact with the user first to ensure they have their personal files backed up.

0 Kudos