Posted on 02-12-2019 07:40 AM
If I have Apple devices, managed by jamf, fully supervised and setup thru Apple DEP, how do I access those devices from my Mac? I am trying to access it and wipe it and reboot it and re-enroll it. Kind of like the cart put it back and refresh it thing. I went into Apple Configurator 2 and setup a supervision identity thru DEP (under Preferences > Organizations) but when I tie the iPad to my Mac, still comes up as pairing is prohibited by policy without the supervision certificate. Am I missing something else that needs to be done for this computer to be a trusted admin of this device?
Thanks.
JR
Posted on 02-12-2019 07:57 AM
If you're going to have physical access to the devices check out the Jamf Reset app. It does exactly what you describe: erase a device to your base settings for another user. https://www.jamf.com/jamf-nation/articles/559/configuring-and-deploying-the-jamf-reset-app
Posted on 02-12-2019 08:12 AM
Thanks. I've heard of that, but good to read the article, or reading. One issue with this is how does it get back on the Wi-Fi to reconfigure itself? I'm trying to avoid the manual process so was hoping with automator to push a Wi-Fi profile to the device after a wipe, and allow it to reconnect with DEP. Don't want our staff to be having to enter Wi-Fi info and credentials.
Thanks.
JR
Posted on 02-12-2019 11:17 AM
Note I have kind of got this working in reverse. I took the supervision identify from my Apple Configurator 2 and loaded it into a DEP profile in JAMF. Then any new device that gets this profile can be managed by the Mac. But thinking this is backwards. Plus limited to devices that have provisioned on that profile and only ones since I added it to DEP.
Thanks.
JR
Posted on 02-12-2019 02:02 PM
i think your problem is in your pre-stage enrolment where you have pairing blocked. This will stop it connecting to the Mac
the fix it just wipe device from your management window for the device and re-roll through DEP will be automated, it will get your new prestage enrolment that will allow pairing with your configurator 2 machine in the future
Posted on 02-13-2019 06:25 AM
Thanks, but that would be a security hole our CISO wouldn't like. If I could pare with a particular Mac that's fine, but that would allow it to pair with any computer.
Thanks.
JR
Posted on 02-14-2019 06:05 AM
I think that the supervision identity thing may have gotten broken somewhere along the way, most likely an iOS update - this is no longer working for me, either, and someone at jamf tried out the workflow and it wasn't working for him, either...