Help

Prestage enrollment configs

kadams
Contributor

Posted on ‎08-17-2018 07:59 AM

Good morning everyone, hope all is well. I just setup prestage enrollment for our computers here. I'm having a couple of issues. During setup, i'm prompted to enter the MDM password. When I do that, it pre populates that exact username and password for the local account. How do I get it to use separate passwords. For instance, I should be able the local computer account username and password and have it populate on that screen. Also, all of the configuration profiles and policies didn't get pushed out to the machine. Furthermore, I would like those to get pushed out a bit faster than they normally do. Can anyone of you help assist me with this?.

0 Kudos
6 REPLIES 6

blackholemac
Valued Contributor III

Posted on ‎08-17-2018 09:02 AM

Assumption 1: your JSS is bound to a directory service such as AD

Assumption 2: you are using user initiated enrollment and not DEP. (not safe to assume but I derived from your post)

When trying to enroll, user is presented an enrollment page, credentials in with a directory account eligible to enroll and is presented with a QuickAdd package to download. QuickAdd package MUST be installed with an admin cred on the local machine or directory account with admin privileges on the local machine. Once installed enrollment is complete and other enrollment actions take place.

That’s how it’s supposed to work. Please clarify if my assumptions are incorrect or where it is breaking down on the process.

0 Kudos

kadams
Contributor

Posted on ‎08-17-2018 09:18 AM

@blackholemac , yes we do have user initiated enrollment checked off. Should i be unchecking that? We aren't using active directory here.As for the directory account eligible to enroll, yes that pops up during the setup assistant. Its asking for a username and password. I put those credentials in and it moves me to the create local account screen. That screen is populated with the credentials of the directory account eligible to enroll.. How do i get it to populate just computer account username and password?

0 Kudos

blackholemac
Valued Contributor III

Posted on ‎08-17-2018 09:23 AM

In Global Management for user initiated enrollment you have to authorize an LDAP group of users to initiate enrollment. This leads me to believe you must use a directory service of some sort with your JSS to use User-initiated enrollment.

If you seek a QuickAdd package which is local only consider using the Recon app to generate a QuickAdd package valid for any device. Make sure you sign the QuickAdd package if possible. Make sure to consider UAMDM if working with High Sierra.

0 Kudos

kadams
Contributor

Posted on ‎08-17-2018 10:10 AM

@blackholemac Before DEP, I would visit a the jamf url to download the quick add package. We are just setting up DEP today. It went fine through the setup assistant. The machine isn't receiving any profiles or policies. How do I solve that issue?

0 Kudos

kadams
Contributor

Posted on ‎08-17-2018 12:10 PM

I got it to work guys.

0 Kudos

blackholemac
Valued Contributor III

Posted on ‎08-17-2018 01:25 PM

What was the issue may I ask?

0 Kudos