Skip to main content
Question

Offline Casper/jamf binary installs & ensuring computer enrollment

  • December 18, 2013
  • 1 reply
  • 1 view
blinvisible
Forum|alt.badge.img+7

Is there any sort of internal mechanism in which the jamf binary can determine whether or not a computer is enrolled, and if not, attempt an enrollment? We are hoping to begin pre-installing Casper as part of our DeployStudio imaging workflow, but these do not always occur when the JSS itself is reachable. It appears that if the enrollment process triggered by the postinstall script fails, it never tries to subsequently enroll again.

So far with Casper all of our computers have been enrolled through User-Initiated Enrollment (going to the JSS URL/enroll, logging in with LDAP credentials, downloading the QuickAdd.pkg installer, running it manually). This has had the benefit of having the computer's Location information populated with the correct info of the primary user of the machine, but the down side of relying on the end user to go through the steps of getting Casper installed.

    1 reply

    mm2270
    Forum|alt.badge.img+16
    • mm2270
    • Legendary Contributor
    • 7880 replies
    • December 18, 2013

    No, there's nothing built in to do this Hence the feature requests for things like enrollment self healing and other similar requests that are out there (I'll see if I can locate them and post back)

    There are quite a few ways you can try to handle this yourself though. Things like a LaunchDaemon that is deployed along with the image that runs a script once a day to check something like-
    a) Is the jamf binary installed? If yes, then b) Can i see the internal network? If yes, then c) Can the Mac communicate with the JSS? If yes, exit.
    Or
    a) Is the jamf binary installed? If no, then b) Can I see the internal network? If yes, then c) re-install a QuickAdd.pkg (somewhere hidden on the Mac) or, use jamf enroll commands to re-enroll.
    Or.. other scenarios, etc.

    You can also have the Mac query the Casper Suite's API to look for its own computer record via a script. If it finds it, it may be enrolled and managed. Not really a guarantee, but likely. If it can't find it, it certainly isn't enrolled. Juts another possible way.

    As you can see, its easy to go down a rabbit hole with trying to account for every possible scenario. I would like to see JAMF help address the most common scenarios with something built in though.

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings