If a computer does one of the Patch Policies in Patch Management, the computer is then marked as "Completed". If the computer is wiped and deployed again, it doesn't get patched because Jamf thinks it's already done.
What should I be doing for this to work?
Short term you can go to those computers, History > Policy Logs, and flush all logs. Long term you would want to move away from using "Once Per Computer" Policies for standard software. https://www.jamf.com/resources/videos/moving-beyond-once-per-computer-workflows/
I am not personally a fan of having clear policy logs enabled on the re-enrollment level, because it can cause unwanted behavior should you ever have to re-enroll a machine that is currently in use.
What I have done is added the command
to my Erase macOS and re-install macOS scripts that I have. I also include API calls to make sure the computer is unmanaged in the JSS/JPS so that I am not paying for licenses on machines that are blank.
Short term you can go to those computers, History > Policy Logs, and flush all logs. Long term you would want to move away from using "Once Per Computer" Policies for standard software.
I think you're talking about normal Policies, not Patch Policies. There's no flush logs or trigger for Patch Policies.
@echave If you're using DEP, then technically a user could conceivably internet restore and automatically re-enroll themselves (in fact this might even be the preferred method in the case of total OS failure offsite). I doubt there is a way to include a delete prior to removal in this scenario, so you have to account for re-imaged machines coming back into the system somehow.
We used a scripted solution as per @sdamiano for ours; you're generally going to have some kind of first run happening, so it's pretty easy to drop in there. It is worth noting that if you have a large database or a device with a large amount of logging, it can take some time, so it needs to be followed by a short delay before attempting to check for any further policies.