Jamf Nation Community

What you have to do is decide what your time-out maximum will be. Let's say your business/school/company has an IT rule that every machine must connect back to the main network once a month in order to get updates and patches, etc.

Setup a smart group for machines that have not contacted in over a month, get sent e-mails for these devices. Some of these devices will be devices that have had the configs removed, some of them will be devices that have been forgotten about or the aloof professor who has been meaning to bring it back for three weeks now.

Anyway. You'll get emailed reports about machines that exceed the time limit, and it should give you a good idea of problem machines.

CTANGORA, i've got a smart group that does that, but that didn't work. Today I found one by chance that had unenrolled and installed a vpn, so all he needed was my guest access and he could get to anywhere he wanted, w/out me knowing. he wasn't in my no checkin list, and had been unmanaged since 9/2/14. Could we possibly make a smart group of all managed devices and make an email notification when a device leaves that group? or can we not just make this a feature request?

@jgrimes
The problem with this system not landing into your no check in group was likely that the Mac was actually unmanaged. As mentioned, only managed Macs/iOS devices, can be in a Smart Group. If the Mac shows up at all as unmanaged, it will never appear in a Smart Group, even one that looks for Macs not checking in.
Also, not sure if I'd bother making a Feature Request to have that changed. That's the nature of Smart Groups. They've always worked this way and I kind of doubt that will change any time soon.

As for your question on getting email notifications, again, the Mac would need to actually be managed, but theoretically yes, you can get notified when something drops out of your "all managed Macs" group.
There's only one caveat to be aware of. I think (not certain) that even in the latest version of Casper Suite, your only option for notification on Smart Groups is change, meaning that not only would you get an email when a Mac falls out of that group, but you'll also get emails for every Mac that lands in that group. If you're enrolling a lot of Macs, that could mean a lot of emails coming your way.

One thing you could try is to set up a carefully crafted filter to sort incoming mail on that Smart Group change and only be alerted to the ones that indicate a Mac left the group and ignore all the others. That should be possible since the wording or subject of the email is different for each one, giving you something for your filter to look for.

Lastly, have you taken a look at @rtrouton's process for keeping Macs enrolled? If not, take a look. It doesn't fit everyone's environment, but its the closest thing I've seen to having a self healing function (something I really hope JAMF is bringing to the suite some day soon)
http://derflounder.wordpress.com/2014/04/23/caspercheck-an-auto-repair-process-for-casper-agents/

Hope that helps.

derflounder's work looks great except that I'm dealing w/ iOS. thanks for sharing. I'll look into the crafting of a smart group and email filter and let you know.

Ah, didn't know that. You only mentioned 'devices' which could have meant either. Its often best to mention exactly what you're working with or looking for so people can respond with appropriate information, since Casper can manage Macs or iOS.
Good luck with settings things up.