Skip Local User Account during PreStage Enrollment not working.

sardesm
Contributor

This used to work and it is all of the sudden not working, preference is, to create the admin account in the Pre Stage and then skip local account and when prompted by a login screen be able to login as the AD user. As stated this was working, however it now is prompting to create the local user. Ideas?

5f36504d0a124e02a48a8fa6b877891c

14 REPLIES 14

sardesm
Contributor

Running Jamf Pro 10.20.1, OS X Devices 10.15

gburgess
New Contributor III

Now that we are ramping up for summer work and provisioning new machines, we are seeing this issue as well. Were you able to resolve this issue @sardesm , or still seeing this happening?

emilh
New Contributor III

We're seeing this as well now, started right when 10.15.7 dropped. Have you been able to crack this one @sardesm, @gburgess ?

craigo
New Contributor III

Started seeing this after 10.15.7 release as well

henrikengstrom
New Contributor

We have been seeing this since december 2020. It happens on 2 of 3 machines. Macs often needs to be reinstalled multiple times before enrolment success.

We have a support case at Jamf regarding this – so far without any success.

Our setup
- Jamf Pro 10.26.0
- Skipping Account Creation in PreStage.
- PreStage PKG installing Jamf Connect (tested with 2.0.2. and 2.1.2)
- After "Remote Management"-screen, "Create a Computer Account"-screen is shown.

Have an ongoing case with Jamf Support.

So far, we have tested
- Updated DEP token
- Updated APNS certificate
- Create a new PreStage (not cloned an old one)
- Installing Jamf Connect as PKG, and via postinstall script written by Sean Rabbitt: https://github.com/sean-rabbitt/jamf-connect-installer-package/blob/master/postinstaller.sh
- Jamf Cloud Team has had our Jamf Pro instance in Debug mode, without finding anything leading to a solution
-- Logs showed activation errors. Jamf provided us with a new Activation Key – without any success resolving the issue
- Verbose logs from our Jamf Pro server has not provided us with any solution

Has anyone been successful in finding a root cause?

ADE enrolment
e14bbdcf6b5a4b399f1f317d42470858

Create a Computer Account is shown.
b05331abf54b4e329e04f61e842fd813

PreStage containing Skip Account Creation
e0f1a757d1f941eebf58b5481aa50621

bouvet
New Contributor II

Does anyone have any news on this? We just started experience this on new macs that arrive. It was probably a year since we saw this last time.

emilh
New Contributor III

No news. Still seeing it. New PreStage Enrollment profiles don't help. PreStage Enrollment profiles void of Configurations Profiles as has been suggested in other thread doesn't work either.

BB_jamf
New Contributor II

Also seeing this as of late

jbhojwani
New Contributor

Chiming in that we are seeing this with our Pre-Stage as well, with similar options selected. I also checked our certificates and sync times from ABM to our PreStage and they seem to be fine as well.

Sometimes what helps this issue is unassigning/reassigning the machine to the PreStage and then doing a wipe/re-image on the Mac. But it appears even that is failing us lately.

jason_hernandez
New Contributor II

Seeing this as well. So far it seems limited to one specific PreStage for our M1 Mac testing.

abfajerman
New Contributor II

Seeing this as well in an environment I manage. SSO works otherwise but we never see the SSO authentication appear at all in the Remote Management window; it just skips right to the Create a Computer Account screen. I would try to deploy Jamf Connect with the login window settings but that's a whole other ball of nightmares with Big Sur and I was hoping that this approach was going to be easier to implement.

user-LYBGeLSLLt
New Contributor II

we stilll have the problem, does anybody has an idea? 

We had 2 problems in our environment. Once we solved those problems, the enrollments worked perfectly.

 

1. Our UIE management account and the local administrator account deployment through the Prestage were the same. We changed the local admin account to a new one (and of course randomized the pwd for the old admin account/current UIE account).
2. We had to untick some boxes in our Prestage for skipping OOBE screens. I don't remember which of them we unticked unfortunately.

After doing the above changes, our deployments go through every time without issues.

EUC-Admin
New Contributor III

This is still occurring and pretty huge of an issue given the Volume Ownership with M1 requirements. We are a Jamf Pro shop and a Jamf Connect shop and they recommend us not to have a local account be created to assign volume ownership. Seems like a huge impact to Zero touch deployments. With intel chips no issue but M1 a huge one.