03-24-2022 01:51 PM - edited 03-24-2022 01:51 PM
I have a policy that automatically renames and binds systems to AD that runs on enrollment. I'd like to be able to run that policy for systems that are fresh out of the box. I'm able to scope systems to a prestage, but it doesn't seem like Jamf is able to scope systems to policies that haven't run their initial enrollment. Anyone have ideas?
Solved! Go to Solution.
Posted on 03-24-2022 07:34 PM
@kbednar Create a Smart Group with Criteria: "Enrollment Method: PreStage enrollment", Operator: "is", and Value: "Name of Your PreStage". Use that Smart Group as the Scope Target for the Policy you want to run on Enrollment Complete.
Posted on 03-24-2022 03:35 PM
Have you tried using the trigger 'Enrolement complete' on the policy?
Posted on 03-24-2022 03:49 PM
The problem is systems can't be scoped to policies before they've been unboxed. They'd need to go through that initial enrollment first, then I'd be able to add it to the policy.
Posted on 03-24-2022 07:34 PM
@kbednar Create a Smart Group with Criteria: "Enrollment Method: PreStage enrollment", Operator: "is", and Value: "Name of Your PreStage". Use that Smart Group as the Scope Target for the Policy you want to run on Enrollment Complete.
Posted on 03-25-2022 07:50 AM
I use a script in the policy set to enrollment. it uses custom triggers to call all of the policies I want it to run. It is scoped to All Computers. The script does all of the sorting out for me. It looks for Sillicon Macs and installs Rosetta, it runs my renaming process. It ends up with a recon so that the name change will be picked up in Jamf.
Posted on 03-25-2022 09:17 AM
@kbednarto a similar effect of what @sdagley said - you can always create a smart computer group for recently enrolled devices. Then scope that group to the policies with a trigger of Enrollment, Check-in, etc