Last week, maybe 2 or 3 days after our Jamf instance went up to 10.48, we've been running into issues with Automated Device Enrollment.
During a fresh install of macOS 13.4, we get stuck at the Remote Management screen, where the message "Waiting for management server" hangs on the screen, seemingly forever. Sometimes, after 20 or so minutes a laptop might decide to move on to the User Account creation screen.
If we reboot these stuck laptops, then navigate back through Set Up, we can create Users and see that they have all the Managed Profiles installed, but need to run "sudo profiles renew -type enrollment" in Terminal before Jamf fully installs itself on the devices and then runs policies as normal.
Any thoughts or similar issues?
Apple updated their Terms and Conditions at the end of last week in Apple School Manager (and I assume Apple Business Manager). The Terms and Conditions need to be accepted before Automated Device Enrollment will work again. Has someone accepted the updated Terms and Conditions in your organization's ASM or ABM?
You can speed this up by moving a device from one prestage to another or unassigning a device from the jamf instance and reassigning it after 15mins to speed up the process of reenabling the sync.
Unfortunately the problem still persists after changing Prestages and waiting until after they sync up. If I unassign/reassign and wait, the devices won't even show the Remote Management screen, even when they show up as being assigned/synced with the Prestage.
I have this problem as well. Was happy to see that other people are affected too as i dont build a lot of macs.
My colleague logged in and was able to approve for the whole organization. He thought he had already done it 2 weeks ago on the 20th, but apparently he didnt. You can see the history under "terms and conditions" on this page https://school.apple.com/#/main/preferences/enrollmentinfo
You can see what user accepted and when. Seems to have worked after a reboot of the affected mac.
Only other problem i had is if i forget to renew some certificate. usually jamf sends an email well before either the AWS cert, or the push cert needs to be renewed. I would check those though too. Stupid 1 year certificates these days need to constantly be babysat... gah i hate certificates.
Unfortunately, there wasn't much improvement by the time we finished our big summer imaging project. I noticed toward the end that some devices would go through, but I haven't tried again since.
When I get a chance, I'll try some more devices and let you know if there's any improvement. It's worth noting that none of my devices ever failed, they just didn't finish on their own.
EDIT: Actually, after the laptops we did a bunch of iPads and they all went through without any issue.
Funny you mention, I did some iPads last week and no problem, but they do have separate pre-stages. I'm working my way through now removing profiles in a test pre-stage and still getting stuck. I did have one empty pre-stage go through earlier but I'm not sure if that was a fluke or I have the worst luck when it comes to troubleshooting (ie I chose the problem policy to remove last in testing, which is highly likely lol).
Thanks for the reply!
We have had an issue with this for a while. There doesn't seem to be a good reason for it from what I can see. We go to waiting for management server, some computers go through mine, some do not. The only thing I see on our web filter is it appears that the Macbook tries to open a session with valid.apple.com and we don't see any data packets pass.