MDM Profile Randomly Auto-Deleted?

duffcalifornia
Contributor

So, I have a few machines where it appears as though through no action taken by the user, the MDM profile and all associated JAMF-issued profiles get deleted from some of the machines we have in deployment. Does anybody have any clue what could be causing this, and moreover, how to stop it from happening?

12 REPLIES 12

Schooltech65
New Contributor

We're seeing very similar behavior here today. At first we thought it was because we had just recently renewed our Tomcat SSL cert. Sent an email in to JAMF support a little while ago, not sure if I'm comforted or more horrified that it's not just us?

chisox1
New Contributor

We have had it happen to quite a few of our computers as well. Please keep us updated with what JAMF support responds with!

Schooltech65
New Contributor

https://developer.apple.com/system-status/ claims green, but ....a5d6d6a992c940ca9c2dada022464671

duffcalifornia
Contributor

Yeah, I've also emailed support. I don't think it has anything to do with the SSL cert because one of the machines that it's happening on is mine, which was imaged after we renewed our Tomcat SSL cert, and it's the second time it deleted itself.

duffcalifornia
Contributor

stupid double post is double

Schooltech65
New Contributor

Jamf phone support not aware of widespread issue yet. Pulling logs from our JSS to send to them.

Schooltech65
New Contributor

Random question - any of you other folks having trouble using a Tomcat cert signed by RapidSSL? If so, is it a wildcard?

KSchroeder
Contributor

I've had it happen a few times on my Mac where I noticed the Profiles Preferences widget was missing, and then did a profiles -C -v and found there were none. The only thing I was somewhat able to attribute it to was the failure of other profiles to install from Self Service, and/or maybe related to our DLP/Web Proxy app (which is just GREAT by the way) and may have been interfering with the communication to APNS.

duffcalifornia
Contributor

In the middle of going back and forth with JAMF and I'm being asked if the affected machines are connecting to wifi via profile. Our machines are (at least the couple that I'm aware of that are losing the MDM profile) - would this apply to anybody else here?

Schooltech65
New Contributor

raises hand

Schooltech65
New Contributor

I should clarify -- our machines are configured by profile to connect to our wifi networks. That is failing on the affected machines because those profiles went away. We also have a freshly imaged machine from this afternooon that has only picked up the MDM profile, and nothing else. Interestingly, I do see the error "Error Domain=com.jamf.jamfsecurity.error Code=-50 "One or more parameters passed to a function were not valid." UserInfo={NSLocalizedDescription=One or more parameters passed to a fuction were not valid.}" as describe at https://www.jamf.com/jamf-nation/discussions/23059/error-domain-com-jamf-jamf-security-error-code-50 . Related?

duffcalifornia
Contributor

@Schooltech65

UPDATE:

After talking with JAMF support, they believe that there is an issue with the specific QuickAdd package we've been using to enroll our machines for a period of time. They suggested we create a new QuickAdd package to enroll future machines, and use a script that runs the jamf removeprofiles and jamf mdm commands to pull down a new MDM profile directly from the JSS.

Might that sound like it would also apply to your situation?