Jamf Nation Community

mvalpreda · ‎11-08-2022

Been noticing that Self Service has been failing and saw this in /var/log/jamf.log

Device Signature Error - A valid device signature is required to perform the operation.

I'm not seeing any expired certificates anywhere, in fact they were just renewed only a few months ago. I did sudo jamf -enroll -prompt. That got SS working again, but I need to understand what happened or where to check what might be expired, missing, etc.

Some of these are machines that were JUST enrolled through the pre-stage enrollment that was set up by our Jamf consultant.

morgan-ai · ‎11-08-2022

I've only ever seen that on devices that were previously enrolled in Jamf or we leveraged migration assistant from an old Jamf-managed Mac to a new one, or in rare cases, the time/date were on the Mac. Anything common there?

Also, I've be recommended the Redeploy api command to fix that when it does occur.

Hugonaut · ‎11-09-2022

@mvalpredacheck out our self healing script - https://github.com/Rocketman-Tech/Jamf-Self-Healing - should do the trick for ya!

________________
Looking for a Jamf Managed Service Provider? Look no further than Rocketman
________________

Virtual MacAdmins Monthly Meetup - First Friday, Every Month

ImAMacGuy · ‎11-11-2022

we get a ton of these devices there was pre-imaged (meaning hardware received and then all the corporate apps were installed and devices were prepped) and then stored for eventual deployment. Typically if they've been sitting for about a month and then put back on the network, it's device signature errors... even on reprovisioned. I have to do the jamf self heal commands to get it to work. I probably have to do this 2-5 times a day.

Previously, also had good luck with the https://jss.url.here/enroll/?type=quickadd and then running the Quickadd package to enroll.

Jamf Nation Community

Self Service failures - Device Signature Error