Posted on 01-18-2022 11:01 AM
I have some new machines coming in for users and wondering best approach to get user data from the old machines.
Using DEP and a prestage the user creates their accounts and wondering is a migration assistant restore post DEPnotify enrollment would mess up the Drive Ownership and secure tokens of these users?
Posted on 01-18-2022 12:01 PM
I can confirm Migration Assistant breaks things. I.e. if the user receives a DEP Mac, creates the first account on the machine with the same username as the old one, and then hooks up the old one and migrates... the user is no longer managed (and i think something else broke but has been a minute). The only way to fix this was removing the profile and reenrolling, which on recent Macs also means walking the user through disabling SIP, running the enrollment command, and turning SIP back on. http://rachelviniar.com/non-removable-mdm/
As for alternatives, there is https://www.alectrona.com/migrator which is a paid product, but they also had a preso at JNUC and have an older version of the app on their github. It's a fairly straightforward script that uses DEPNotify as the frontend. I've been backwards engineering something like it, but don't have working version to share.
Interested to hear what others are doing
Posted on 01-21-2022 08:46 AM
See also https://community.jamf.com/t5/jamf-pro/jamf-pro-enrollment-issue-after-computer-migration/m-p/171018
key thing to avoid with migration assistant is selecting “system settings”