Skip to main content
Question

Manually adding machine to DEP

C
Forum|alt.badge.img+1

Hi I am an Entry level support, fairly new to DEP. Today I manually added a machine to our DEP. I accepted the MDM profile and I believe everything is good. Now can someone tell me the next step in plain English? Isn't JAMF supposed to kick in and all our remote management will kick in? As you can tell I am not familiar with how this all works. There's someone above me who can help but wanted to find the solution first. 

Steps I was told to do:
If machine is not on DEP(check the SN)

Go to > "Link for our jamfcloud enrollment"
Enroll the machine (downloads the profile)
Manually Install the MDM Profile.
Now this is the steps I am missing. I believe its done installing. What should I do next? Should I wipe the computer/restart/etc..


Machine: Big Sur 11.5.2

Thank you so much in advance 😄 

    2 replies

    mm2270
    Forum|alt.badge.img+16
    • mm2270
    • Legendary Contributor
    • 7880 replies
    • August 24, 2021

    Hi there. What you're describing is not a DEP enrollment, it's a User Initiated Enrollment. It's still considered "user initiated" even if you as a support tech do it. DEP, or rather Automated Device Enrollment, as it's now known, kicks in when a new device (Mac or iOS) or a wiped device connects to the internet for the first time during initial setup. The device "phones home" to Apple, and Apple's servers see that based on that devices serial number it should be redirected to enroll in an organization's MDM server, and then does that. That's your Jamf Pro server in this case, but could be any MDM that supports the automated device enrollment process.

    What it sounds like you did was go to something like https://yourjamfserver.jamfcloud.com/enroll/ and logged in to download and install an MDM profile. That's perfectly fine, but it's not a "DEP" enrollment. And in terms of getting the device automagically configured, that's kind of dependent on how your server policies and such are set up. You may have some existing "enrollment" policies that kick in when a new device gets enrolled for the first time. But it's not automatic. Those have to be set up. It sounds like the person who normally manages this may have set something up, but you may need to ask them about it.

    Also, for a device to do that kind of ADE enrollment it has to be added to something called a Prestage enrollment in Jamf Pro. It's not enough that the Mac's serial number is in your Apple Business/School Manager. That's only one piece. It has to be properly scoped to a Prestage for it to get picked up to enroll in Jamf.

    And BTW, you don't want to wipe the computer after being enrolled that way, unless you expected the Mac to do a proper ADE type enrollment and that didn't take place. In that case, wiping it would be a good idea since again, its supposed to kick in shortly after first connecting to Wi-Fi or some other internet connection at the Apple setup screen (assuming it's in the Prestage Enrollment as mentioned).

    Hope that helps somewhat.

    Polybius
    Forum|alt.badge.img+6
    • Polybius
    • Contributor
    • 11 replies
    • August 24, 2021

    Ignore this reply.

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings