We have a problem where our computers have been losing their profiles over time- we have a solution, running the command "profiles renew -type enrollment", but this requires us to get every single computer into our office one by one to manually run it. I attempted to automate this solution and have run into two new problems:
1. In spite of the -forced flag, which Apple claims will skip over confirmation, it still asks the user to confirm the profile. Which our students would absolutely not do, if they even click on the notification.
2. Even though the user should already be tied to the computer in JAMF, it asks us to put in their AD information again. Our students don't know* this information and we can only take a guess at this remotely, but we can't put it into that box as is.
Is there any way to automate or skip over these issues somehow, or is there a better solution?
In 10.36 we introduced a new API endpoint that would allow for the redeployment of the Jamf framework as long as a machine was still able to receive MDM commands.
You should be able to utilize that and not require any prompting or passwords.
Just to make sure- This would be a way to reinstall the Jamf MDM profiles, correct? We're not 100% on whether or not reinstalling the framework would also re-add the profiles we already have. Especially since the solution is very complex and written for software we don't have/can't afford (so we'd need to figure out how to do it somewhere else). We just want to be sure this will do what we need it to before we jump in and we aren't applying a complicated solution to a different problem.