Help

Noob - want to do fresh install of MacOS with screen sharing enabled upon installation

tpressman
New Contributor

‎05-18-2023 01:31 PM - edited ‎05-18-2023 01:34 PM

Is there a way to easily just do a clean installation of MacOS Ventura on a machine and when that machine is finished with the installation, it will reboot and allow remote control via Remote Desktop or Screen Sharing?  It can be accessible via LAN, that's fine.  I have zero MDM experience, but this seems like it should be simple if you know what to do.  Thanks.

0 Kudos
Reply
7 REPLIES 7

sdagley
Esteemed Contributor II

‎05-18-2023 01:43 PM - edited ‎05-18-2023 01:45 PM

@tpressman In a word, No. There is now an option to have Macs automatically progress through the Setup Assistant screens but you've got to get Setup Assistant started first and that requires hand on. That still won't enable remote access with control however.

0 Kudos
Reply

tpressman
New Contributor
In response to sdagley

Posted on ‎05-18-2023 01:59 PM

Throughout covid I was able to update and manage a fleet of macs remotely.  After software update to Monterey, remote access that was setup before the update was retained and I could go through the setup assistant remotely.  With Ventura, I am blocked and can only manage in person.  There must be a way.  I'd settle for starting with a clean install of Monterey and upgrading it to Ventura, but I still don't have remote access for some reason after the Ventura update completes.

0 Kudos
Reply

AJPinto
Honored Contributor III
In response to tpressman

Posted on ‎05-22-2023 04:44 AM

There must be a way. 

This is Apple we are talking about. They have specifically make this work flow not possible, any possible work around would be flaky and likely would not work. This is a Apple Feedback situation.

 

My head cannon think this workflow may be possible, but I have never tested it and would not be shocked if it does not work. You could use MDM Commands to enable Apple Remote Desktop, and I don't think an account needs to log in locally before being able to log in remotely so long as ARD is enabled.

  • You could disable all authentication on device enrollment which would allow a device to enroll without user interaction.
  • This would in theory leave the device at the login screen with just your Local Admin Account. 
  • Then send the MDM Command to enable Apple Remote desktop and attempt to connect.

 

0 Kudos
Reply

nelsoni
Contributor III
In response to sdagley

Posted on ‎05-19-2023 06:14 AM

Since big sur, Macs can auto advance through setup assistant when enrolled via DEP and have screen sharing enabled and the end of it

0 Kudos
Reply

mmcallister
Contributor II

Posted on ‎05-19-2023 02:10 PM

Beginning with macOS Catalina (10.15), screen recording can only be enabled by the user.  It is no longer possible to enable this via MDM. 

0 Kudos
Reply

nelsoni
Contributor III
In response to mmcallister

Posted on ‎05-19-2023 02:14 PM

Screen sharing yes, but remote desktop can be kickstarted during enrollment and be connected to once enrollment is complete. it is even an MDM command

0 Kudos
Reply

Bol
Valued Contributor

Posted on ‎06-05-2023 08:11 AM

@tpressman 
Yes, I have a test M1 which is DEP enrolled for testing. With ethernet / dep autoadvance / startup policy, I can have this process on repeat; wipe / enrol / dump at login screen with ard enabled. Very quick and handy for testing. 

BUT there is a lot to read up on if you want this to work;

- config profiles (enable ard)

- jamf api / bearer tokens (enable remote desktop)

- script / kickstart ard (configuring apple remote desktop settings and it's control)

- *extra* with no user account created, you need to have another account receive a secure token / escrow to jamf..

If it's worth the time for you to have this setup you can have this working with some effort and light reading!

Good luck!

0 Kudos
Reply