- Jamf Nation Community
- Products
- Jamf Pro
- Machine cleanup without complete wipe
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-24-2022 03:02 PM
Hi all, sorry for the rookie question, just getting Jamf environment set up in the (now cloud based, remote) office, and there's a lot of machines that have.... been around a little while ;-). I would really like to have some sort of clean slate as we transition to Jamf, but I can't really wipe all these remote machines (more than 30) and start over (we can't use automated enrollment with these older machines, and many of the non tech savvy users would be totally lost if I had to talk them through a clean OS install over the phone or something), as more than half of them are spread out all over the place with all of our users working remotely now. As an alternative, I was thinking it would be nice to clean out all of the old versions of applications (we use a lot of Adobe, 3d and graphics software in general, so the older versions pile up rapidly, and no one ever has time to do much about it). Anyone know of a script that will remove not just the entries in the /Applications directory, but the associated files that go with? That way I can just push out the latest/greatest from the Jamf app policy garden I am currently creating on our server. Is this the correct place for this sort of query? Thanks in advance
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-25-2022 07:04 AM
You would need to write uninstall scripts for every application you want to remove. This would need to include you tracking down all related files, daemons and services so you can have the uninstaller remove all this stuff. Unfortunately the only "reset" button is to reinstall the OS.
It is best to reprovision your Macs with questions like the ones you are having. It is not required to reprovision macOS bit it is by far the least technical path ahead of you. Any devices that were not enrolled with DEP, really should be added to Apple Business/School Manager.
- Understanding Device Enrollment — Deployment and Management Tutorials | Apple Training
- About Apple device supervision - Apple Support
- Apple Configurator User Guide - Apple Support
My suggestion: (After getting your MDM instance fully setup)
- Evaluate your fleet. Get rid of anything that does not support macOS 12.
- I cannot stress how critical it is to have standards on device life cycle. Do not allow old unsupported OS's in your environment, period.
- Start rotating devices out.
- Ship a fully configured Mac to a user, and have them ship their device back. Setup their old device for the next user and keep moving down the list.
- Dispose of anything that does not support macOS 12
- If a device is not actively being used, recall it and take ownership of it and put it in to your inventory.
- Use Apple Configurator to enroll any nonDEP enabled devices in to ABM or ASM.
I use macOS 12 as the bottom limit, but that is up to you. MacOS 11 will be supported until next August and macOS 13 just came out yesterday.
TL;DR:
30 devices really is not a lot. I would recall the devices, reimage them, and ship them back out. Going to a new MDM is the best time to clean up your environment. Do it right the first time, or do more than one time.
Reply
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-25-2022 07:04 AM
You would need to write uninstall scripts for every application you want to remove. This would need to include you tracking down all related files, daemons and services so you can have the uninstaller remove all this stuff. Unfortunately the only "reset" button is to reinstall the OS.
It is best to reprovision your Macs with questions like the ones you are having. It is not required to reprovision macOS bit it is by far the least technical path ahead of you. Any devices that were not enrolled with DEP, really should be added to Apple Business/School Manager.
- Understanding Device Enrollment — Deployment and Management Tutorials | Apple Training
- About Apple device supervision - Apple Support
- Apple Configurator User Guide - Apple Support
My suggestion: (After getting your MDM instance fully setup)
- Evaluate your fleet. Get rid of anything that does not support macOS 12.
- I cannot stress how critical it is to have standards on device life cycle. Do not allow old unsupported OS's in your environment, period.
- Start rotating devices out.
- Ship a fully configured Mac to a user, and have them ship their device back. Setup their old device for the next user and keep moving down the list.
- Dispose of anything that does not support macOS 12
- If a device is not actively being used, recall it and take ownership of it and put it in to your inventory.
- Use Apple Configurator to enroll any nonDEP enabled devices in to ABM or ASM.
I use macOS 12 as the bottom limit, but that is up to you. MacOS 11 will be supported until next August and macOS 13 just came out yesterday.
TL;DR:
30 devices really is not a lot. I would recall the devices, reimage them, and ship them back out. Going to a new MDM is the best time to clean up your environment. Do it right the first time, or do more than one time.
Reply
