Re-enrollment issues when migrating iOS devices between MDM systems (Intune -> JAMF)

New Contributor III

We're in the process of migrating a large number of iOS devices from Intune to JAMF. We've seen that a fairly large number of devices fail to enroll after the initial authentication in JAMF (all DEP devices), and fail with a SCEP error around the time when the MDM profile gets installed.


We have found that this seems to occur when the re-enrollment is performed as described in the steps below:

1. Reassign the device MDM from Intune to JAMF in ASM

2. Wipe the device

3. Attempt to re-enroll - this step fails as descibed above - and DFU/reset MIGHT resolve the issue but not always


HOWEVER! We've now found that if you follow this flow instead, devices enroll just fine:

1. Wipe the device

2. Reassign the device MDM fron Intune to JAMF in ASM

3. Attempt to re-enroll - device usually enrolls just fine and MDM profile is installed


We can't really figure out why this is happening, but we think it has something to do with ASM and how it behaves based on which steps you do in what order here. 

So we'd like to reach out to the community and see if it's someone else that experiences this issue, and if you can resolve it in a similar way as we do. We're also inetersted in to know if anyone else has been working with JAMF or Apple on this and can shed some light on why we see this behavior. If you have something to share, please post a reply in this thread. Thanks! :)