Policies not running after Automatic Enrollment

greenabundance
New Contributor

I am noticing odd behavior with Automatic Enrollment specifically, where about 50% of the time policies do not run despite being in scope. We have some policies set to run on enrollment to install company apps, etc. If I have the end user run sudo jamf policy, then the policies will execute. I always delete the computer before re-enrolling, and I even have opened new-in-box MacBooks to test this behavior. Manual Enrollment doesn't seem to have a problem although that is not ideal. Thank you!

1 REPLY 1

sdagley
Honored Contributor II

@greenabundance Do you have "Allow Network State Change Triggers" disabled in Settings->Computer Management->Check-In? Having that enabled can cause problems with policies being triggered by enrollment completion.

You should also look at the combination of DEPNotify and DEPNotify-Starter as the mechanism to run your initial configuration when a Mac is enrolled. Rather than having to trigger all of your initial policies via the enrollment complete trigger you would need just one to install DEPNotify and then trigger the DEPNotify-Starter script which would be configured to run your standard initial policies.