Re-purpose a Mac for another user
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on
01-13-2020
08:37 AM
- last edited
Tuesday
by
kh-richa_mig
It seems I'm always typing this first part, but until i feel comfortable here goes.
I'm a new Jamf admin and we have Jamf Pro and soon will have Jamf connect. with normal turnover, i am trying to find the best way to repurpose the macs we have, and I'd to to have the following 2 options available.
1: A user leaves and the mac will go to another department, meaning i want all of the users data gone, as well as the apps installed, but I want to keep the current MacOS
2: A user leaves, but the machine will stay in the current department and I want to keep the apps installed, but get rid of the users data.
Is there a way to accomplish these tasks through Jamf?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 08:45 AM
Hi,
For the first one, you would probably look to erase and re-install the Mac. One method would be to deploy the "Install macOS.app" and then use startosinstall to kick off an erase and install.
For the second point, as you would need to determine the username programatically, you would probably use sysadminctl in a script, triggered via a policy.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 09:19 AM
Above post definitely works.
I usually end up using a USB and delete the drive from the Disk Utility, then installing fresh.
Smart groups are your friend. Unless you are using some old piece of software that HAS to stay on as is, reinstalling programs via JAMF is painless. If you are changing departments, change the smart group(s) they are part of.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 10:36 AM
I would always wipe it clean and re-provision it fresh to ensure the next employee has a fully factory restored Mac when they get on-boarded
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 11:04 AM
I strongly recommend a complete wipe and reinstall. That is what Apple intends, and should be required by your security policies for any device.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 11:42 AM
If you're going to use FV (which you should), you're going to need to consider token provisioning for the next user as well. I'll echo what the others have said so far and recommend the same wipe/reprovision procedure for both instances described above
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 11:48 AM
What is FV?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 11:50 AM
FV = Filevault 2 disk encryption
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 12:11 PM
duh.....sorry
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 12:53 PM
There are too many acronyms in tech, so easily to get them confused.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 12:55 PM
Tech? yeah, I'm a Marine too so I got a lot more stuck in my head!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-13-2020 09:06 PM
You probably have 100s to 1000s of acronyms in your brain then haha :-)
