Posted on 03-28-2024 01:43 PM
Hey All,
Still pretty fresh to being a JAMF admin and had some questions. When I picked it up I know that we had a local, hidden, admin account created during the PreStage and that works wonders when something auto enrolls. Although on the off chance that one of us have to manually enroll the device, the local account we create does not always populate. I see that in the Global settings there is a section for User-initiated enrollment, will this assist with creating local accounts when someone does it themselves or am I misunderstanding this? Is there a better way to make sure the local account we want get setup when someone manually enrolls a device?
Posted on 04-01-2024 06:22 AM
The workflow that creates the local admin during the pre-stage does not run during device enrollment when the *.jamfcloud.com/enroll method is used. If you need to put your local admin account on devices that are manually enrolled, you will need to create a policy to add the account at enrollment.
Generally speaking, you do not want to use Device Enrollment (User-initiated enrollment) for anything beyond lab testing, and you want all devices enrolling with Automated Device Enrollment (PreStage).
Posted on 04-01-2024 10:52 AM
Well, in a perfect world, maybe. But many don't have AxM and you need that.
We have clients on both sides, and both work fine. One is just a little easier...
@AJPinto wrote:
The workflow that creates the local admin during the pre-stage does not run during device enrollment when the *.jamfcloud.com/enroll method is used. If you need to put your local admin account on devices that are manually enrolled, you will need to create a policy to add the account at enrollment.
Generally speaking, you do not want to use Device Enrollment (User-initiated enrollment) for anything beyond lab testing, and you want all devices enrolling with Automated Device Enrollment (PreStage).