Prestage Enrollment - No check in after

Sirsam28
New Contributor II

Hi everyone,

 

We have PreStage Enrollments and we now have 2 Macs which initially enrolled and I see them registered in Jamf. The problem is, they do not check in after the initial registration and does not get our standard apps (which deploy via smart group targeting a policy for installs).

 

I see that the device does get the configuration profiles and it registers in Jamf but after that initial it seems to not check in any more.

Any suggestions where to look?

Logs from client:

Wed Jun 15 12:21:43 MacBook Pro jamf[8170]: Removing existing launchd task /Library/Application Support/JAMF/tmp/com.jamfsoftware.task.startssh.plist...
Wed Jun 15 12:21:43 MacBook Pro jamf[8192]: The SSL Certificate for https://XXXX.jamfcloud.com/ must be trusted for the jamf binary to connect to it.
Enrolling computer...
Wed Jun 15 12:21:49 MacBook Pro jamf[8215]: Skipping trustJSS command...
Wed Jun 15 12:21:49 MacBook Pro jamf[8215]: JMFCommons.JamfKeychain.JamfKeychainSecurityError.failedToReadJmfKeychainPassword
Wed Jun 15 12:21:50 MacBook Pro jamf[8215]: JMFCommons.JamfKeychain.JamfKeychainSecurityError.failedToReadJmfKeychainPassword
Wed Jun 15 12:21:52 MacBook Pro jamf[8215]: Creating user ADMINXXXX...
Wed Jun 15 12:22:06 MacBook Pro jamf[8215]: The device certificate was created successfully.
Wed Jun 15 12:22:26 MacBook Pro jamf[8215]: Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named com.jamf.management.daemon.binary was invalidated from this process." UserInfo={NSDebugDescription=The connection to service named com.jamf.management.daemon.binary was invalidated from this process.}
Wed Jun 15 12:22:26 MacBook Pro jamf[8215]: Removing existing launchd task /Library/LaunchDaemons/com.jamfsoftware.task.bgrecon.plist...
Wed Jun 15 12:22:26 MacBook Pro jamf[8215]: Downloading the Jamf Bundle...
Wed Jun 15 12:22:31 MacBook Pro jamf[8215]: Enforcing management framework...
Wed Jun 15 12:22:34 MacBook Pro jamf[8215]: Enforcing scheduled tasks...
Wed Jun 15 12:22:35 MacBook Pro jamf[8215]: Adding launchd task com.jamfsoftware.task.1...
Wed Jun 15 12:22:36 MacBook Pro jamf[8215]: Updating daemon settings
Wed Jun 15 12:22:38 MacBook Pro jamf[8215]: Flushing the /Library/Application Support/JAMF/tmp directory was successful
Wed Jun 15 12:22:38 MacBook Pro jamf[8215]: Upgrading jamfHelper.app...
Wed Jun 15 12:22:39 MacBook Pro jamf[8215]: Upgrading JAMF notification service...
Wed Jun 15 12:22:39 MacBook Pro jamf[8215]: Removing existing launchd task /Library/Application Support/JAMF/tmp/com.jamfsoftware.task.policy.plist...
Wed Jun 15 12:22:39 MacBook Pro jamf[8215]: Unable to launch Self Service. (null) is missing.
Wed Jun 15 12:22:39 MacBook Pro jamf[8215]: Enroll return code: 0
Wed Jun 15 12:22:41 MacBook Pro jamf[8899]: Checking for policies triggered by "enrollmentComplete" for user "XXXX"...
Wed Jun 15 12:22:44 MacBook Pro jamf[8899]: Executing Policy Enrollment
Wed Jun 15 12:22:44 MacBook Pro jamf[8899]: Caching package SentinelAgent_macos_v22_1_2_6102.pkg...
Wed Jun 15 12:22:47 MacBook Pro jamf[8899]: Installing all available Software Updates...
Wed Jun 15 12:28:34 MacBook Pro jamf[9064]: Checking for policies triggered by "recurring check-in" for user "XXXXX"...
Wed Jun 15 12:28:39 MacBook Pro jamf[9064]: Executing Policy Key Escrow
Wed Jun 15 12:29:06 MacBook Pro jamf[9064]: Executing Policy Enrollment
Wed Jun 15 12:29:06 MacBook Pro jamf[9064]: Caching package SentinelAgent_macos_v22_1_2_6102.pkg...
Wed Jun 15 12:29:10 MacBook Pro jamf[9064]: Installing all available Software Updates..

4 REPLIES 4

easyedc
Valued Contributor II

I've seen this a few times recently as well. If you run a 

sudo jamf policy

 Does it start to kick it into action? While I agree that defeats the purpose of ABM and prestaging, it does get the workstation built. 

Sirsam28
New Contributor II

So we get this:

This password trigger is already being run: root 

It does display the date of 15Jun22 (which is when it stopped talking)

 

jpeters21
Contributor II

is the device showing up as "unmanaged" if so sounds like my issue, ended up being a known issue with the opiton of a work around that can be applied by the cloud team or just waiting for 10.39 to be applied to your instance: https://community.jamf.com/t5/jamf-pro/jamf-management-account-not-created-on-dep-enrollment/m-p/268...

 

Sirsam28
New Contributor II

So looking at the two devices, they are still showing managed just not checking in after initial enrollment