Posted on 05-16-2022 06:44 AM
Good morning all, looking for some help in case others have run into this.
Our org is using Palo Alto. We've added decrypt, no auth, and whitelisting for *.jamfcloud.com addresses and the Apple APNs.
Everything works fine except for the downloading of my pkgs during prestage. (Happens with any pkg added to a prestage).
Our instance only exists in Jamf Cloud along with a cloud distribution point (full cloud).
All other configurations run during the prestage. There are no issues with self enrolled devices or devices accessing jamf cloud resources (policies/configs/self service) when on the desktop. Things are pushed down and automatically applied via policy without problem.
Just wondering if anyone else has faced this? It seems like something, just not sure what rule we need to add/create, is blocking/preventing downloads from the Cloud DP during prestage only.
**Yes, the defined prestage enrollments work 100% as intended when offsite of the corporate network.
Posted on 05-16-2022 12:46 PM
We don't use Palo Alto in our org but try these few things.
- If you altered/repackaged the pkg (for custom install, license key, etc) make sure the package is signed.
"Signed packages—You must upload a signed package to Jamf Pro prior to configuring the PreStage enrollment....." read more here.
- If the app requires configuration profiles (PPPC, license key, etc), be sure to scope those profiles as part of the PreStage enrolment.
- If check the application requires a specific type of user. During PreStage, your logged in user is "_mbsetupuser"
Posted on 05-16-2022 01:21 PM
Your suggestions are all good and accounted for.
Jamf Support has been assisting with trying to determine what the cause is but I figured I'd ask here as well to see if anyone else may have run into this.