Jamf Nation Community

rabiul · a week ago

Hi Nation,

I am facing a weird issue. I just added the policy in Jamf to remove two dock items(mail and Safari). I tried with multiple triggers but it seems when a new user is trying to logged in via prestage enrollment, it is not working.

I have Jamf Setup Manager installed, tried to use that with a custom event trigger for the policy. The policy runs, user logs in, dock reloads but still the items are there. This is the log screenshot:

Point to be noted, when I am running the policy from self service, it's working fine. Any idea what I am doing wrong or how to fix that? Any suggestion is much appreciated.

Thanks

Jason33 · a week ago

Did you try using the Login trigger? I've a policy to set some dock items at login and its been working. I've got the Trigger set at 'Login' and Execution Frequency 'Once Per User Per Computer'.

rabiul · a week ago

Hi @Jason33

I tried the 'Login' and 'Enrollment Complete' both of the triggers. But the result is same. It only works when I run it from self service :(

sdagley · a week ago

@rabiul If you're running Jamf Setup Manager in your PreStage you can't trigger a policy for configure the Dock from it because no user account has been created yet when it's running. Running it _after_ the user logs in should work.

rabiul · a week ago

@sdagley

I have Jamf Connect in place with the combination of setup manager. So, when the user does the first login, the account is already created

sdagley · a week ago

Right, but if Jamf Setup Manager is running as part of your PreStage and triggering your Dock configuration policy via a custom trigger that's before an account has been created. You need to take steps to ensure it's not called until after the user has logged in (e.g. use a LaunchDaemon which runs a script that waits for the Finder process to be running then triggers your Dock configuration policy)

rabiul · a week ago

I will try with LaunchDaemon and update the thread.

Shyamsundar · a week ago

This Policy needs to be ran once the user logged in to the Mac, try changing your workflow to execute this policy after the user logged in

rabiul · a week ago

@Shyamsundar I have tried that with Login trigger. It didn't work. Now the last thing I can try is to use a LaunchDaemon.

JevermannNG · a week ago

Please post a screenshot of the Policy settings.

Using many triggers for a policy might result into trouble ... Login trigger should work in this case.

rabiul · a week ago

I used trigger one by one. Not like I tried multiple triggers at the same time. The weird thing is, login trigger is not working in this case. Now the last option I have is to use a LaunchDaemon.

JevermannNG · a week ago

Just wondering, do other Policies with Trigger "login" work on that Mac?

Did you activate Login Events in the Jamf Server Settings? Login Events

howie_isaacks · Sunday

I use a policy for adding and removing icons on the Dock that I run as part of the zero-touch provisioning process. I assigned a custom trigger to the policy and included it in the script that is part of my zero-touch policy that runs at enrollment. The policy can also be used by running it through Terminal or Self Service. During the ZTP policy, the script runs the custom trigger "install-dockicons", which adds Dock icons for several of the apps that are being installed and removes icons that I don't want on the Dock. It is one of the last policies to run. Since the user is logged in, this Dock setting gets written to the user's Dock preferences. This has been working really well. I use the excellent script called Setup Your Mac written by @dan-snelson.

piotrr · Thursday

I run mine as part of a certain larger installation policy. That way I know we're in a state where we are installing apps on the user device. There will be an uncomfortable blink when Finder restarts, but after that we're golden.

Jamf Nation Community

Removing default dock items- policy not working with Prestage Enrollment