Posted on 09-11-2024 08:11 AM
so a s test with my lab systems i tried to re-enroll it to my admin account in JAMF to see if we can just hand over a system with out a re-images and now it's hung trying to install the JAMF profile will not let me delete the old one or over ride it. how should i have done this.
It seem to cause other problem the systems show up in inventory but not when i try to add it to a policy.
Any uninstall scripted that i should have used or is re-image the only option?
Posted on 09-11-2024 08:32 AM
perhaps, i'm missing something, feel free to explain; why is 're imaging' or re-enrollment in JAMF necessary to give a computer ot another department or user? I'ed be a much bigger fan of just using jamf to remove software or accounts as necessary; and adding accounts or software as necessary and giving them, the computer.
unsure why more then that would be necessary, but feel free to explain. my two cents.
Posted on 09-11-2024 09:08 AM
Well the way i think JAMF is setup for my company is you login to a enrollment page and enter the users name and it install all the JAMF policy and sets the user as the owner of the system.
Normally i re-image a system to wipe off all the app and user date, but is some cases i am asked not to re-image because the new owner my need some of the data from a project the old employee was working on.
For example a Windows system i just change the owner in AD, delete any profile that was not the old owner or the admin account and uninstall unneeded apps hand it off to the new user and grant them access to the data easy 5-10m.
For a Mac the login into the enrollment page and entering a new use seem to have messed thing up, what is the best way to to the above Windows process on am Mac.
09-11-2024 09:28 AM - edited 09-11-2024 09:28 AM
You should always reinstall macOS between users in a non-shared device situation.
As far as not being able to delete the old users account, that is because it has a Secure Token and you need a Secure Token to modify an account with a Secure Token. Everything Jamf does to manage accounts is in CLI which has a BootStrap Token, Apple currently has no work flows for MDM to manage accounts. Reinstalling the OS would make this not a problem.
Posted on 09-11-2024 09:37 AM
agreed. secure tokens and the like; may make this process not as straightforward as it might seem//
https://github.com/grahampugh/erase-install
the above script may assist with easily reinstalling the macOS in a semi automated manner.
Posted on 09-11-2024 05:13 PM
I have found using the erase all contents button on the devices inventory record and wiping the device with the MDM commands to be quite effective most of the time. Every now and again the OS does not install and you need to deal with recovery, but its pretty rare.
Posted on 10-08-2024 10:08 PM
You can try erasing all contents and settings from System Settings -> General -> Transfer or Reset. This action will only reset the user data, leaving the operating system untouched.