I'm curious if there's a way to use Recon to just explore what machines are on our network so we can ensure that we're not missing any machines when we're building out our processes.
We have asset tracking within our inventory management system and I am able to cross check those in there against what DEP shows us but I want to see if anything is missed and possibly who is using the machine (or at least machine name) when inventorying.
However I am not ready to turn on Jamf yet for production - and based on my test, using Recon appears to enroll the device.
Is there a way to prevent this enrollment and/or management of the device until we're ready to go live and just use Recon to get the information regarding the machine into Jamf?
If you're talking about the Network Scanner function in Recon, I suppose you don't need to supply the actual credentials it would use to SSH into the machine and enroll it. Just provide some bogus credentials and see if it locates the Macs on the network but it will fail if trying to enroll them. It's been so long since I've used the app or that feature honestly that I can't really tell you for sure how that would work. But I know it can't enroll with the Network Scanner feature unless it can make a successful remote login connection to the device.
You could also look at a tool call LanScan that you can find on the App Store. You'll need to buy a paid version of it to unlock the full features, but it will scan your network (or IP range) and determine the makes/brands of devices it finds. It lists the IP address, hostname if applicable and MAC address, as well as a few other items. It will find anything in the range you tell it to scan, so it will list out things like routers and switches, smart TVs and whatever else may be in the same IP range. It certainly won't enroll anything since it has no functionality to do that, so it might be a good option to look at. As I mentioned though, to get the full features you'll need to buy a license, but it's only $6.