Jamf first enrollment fails on reimaged macbook

janzaldua
Contributor

I have a test macbook that was enrolled into JAMF. I reimaged it via macOS Recovery, which installed a fresh new OS for Ventura. I thought maybe this was a Ventura issue, so I rolled back the OS to an earlier version (Big Sur) and the same issue occurs. I get this error: " An error occurred. Contact your IT Administrator "

 

IMG_1988.JPG

 

Note: For clarity, the MacBook installs any macOS just fine, and seems to gather the enrollment profiles/policies from JAMF, but upon first boot (when the user should enter their SSO credentials), it gives this screen.

1 ACCEPTED SOLUTION

janzaldua
Contributor

Update: It was fixed after I removed the Device from Jamf completely. Still unsure of the cause, but when in doubt, just remove the device from JSS

View solution in original post

7 REPLIES 7

SCCM
Contributor III

Basic questions but does your device have internet access at his stage i.e. it hasnt switched networks to somthing whcih requires authentication. Also is your jamf login profile signed, and is the cert on the profile still valid?  thats just looking like it cant get to your IDP

- That is correct, the device has internet at its stage. I will test a different device tonight.

- I believe the JAMF login profile is signed and the cert is still valid, but for clarity, where can I check those two things to make sure.

SCCM
Contributor III

you cant check the cert from within jamf, you need to download the configuration profile from jamf and check inside the profile. Alternatively if profiles are accessible on your machines check one of the other machines profiles for signed information. If its working on all other machines it prob isn't that though.

AtillaTheC
Contributor II

Did you delete the record in Jamf prior to re-enrollment? If not do you have re-enrollment settings set properly?

I did not delete the record, but we do have re-enrollment settings set properly I believe.

Screenshot 2022-12-20 at 8.58.21 AM.png

Keep in mind, this is the only system having the problem. I've wiped and re-enrolled systems many times over the past year without an issue. I could try deleting the record in Jamf, but I was more curious why this was happening.

OK if those settings are set that way then i'm unsure. Could be a firewall issue maybe? Have you tried on a different network? If its the same on a different network may be ideal time to open a support case with jamf to review your logs.

janzaldua
Contributor

Update: It was fixed after I removed the Device from Jamf completely. Still unsure of the cause, but when in doubt, just remove the device from JSS