Help

What is the best way to redeploy a Mac to a new user with out reimaging

jzastrow
New Contributor III

a week ago

so a s test with my lab systems i tried to re-enroll it to my admin account in JAMF to see if we can just hand over a system with out a re-images  and now it's hung trying to install the JAMF profile will not let me delete the old one or over ride it. how should i have done this.

It seem to cause other problem the systems show up in inventory but not when i try to add it to a policy.

Any uninstall scripted that i should have used  or is re-image the only option?

 

 

 

 

 

0 Kudos
5 REPLIES 5

mschlosser
Contributor II

a week ago

perhaps, i'm missing something, feel free to explain; why is 're imaging' or re-enrollment in JAMF necessary to give a computer ot another department or user? I'ed be a much bigger fan of just using jamf to remove software or accounts as necessary; and adding accounts or software as necessary and giving them, the computer. 

unsure why more then that would be necessary, but feel free to explain. my two cents.

0 Kudos

jzastrow
New Contributor III

a week ago

Well the way i think JAMF is setup for my company is you login to a enrollment page and enter the users name and it install all the JAMF policy and sets the user as the owner of the system.

Normally i  re-image a system to wipe off all the app and user date, but is some cases i am asked not to re-image because the new owner my need some of the data from a project the old employee was working on.

For example  a Windows system i just change the owner in AD, delete any profile that was not the old owner or the admin account and uninstall unneeded apps hand it off to the new user and grant them access to the data easy 5-10m.

For a Mac the login into the enrollment page and entering a new use seem to have messed thing up, what is the best way to to the above Windows process on am Mac.

 

 

0 Kudos

AJPinto
Honored Contributor III

a week ago - last edited a week ago

You should always reinstall macOS between users in a non-shared device situation.

 

As far as not being able to delete the old users account, that is because it has a Secure Token and you need a Secure Token to modify an account with a Secure Token. Everything Jamf does to manage accounts is in CLI which has a BootStrap Token, Apple currently has no work flows for MDM to manage accounts. Reinstalling the OS would make this not a problem. 

mschlosser
Contributor II
In response to AJPinto

a week ago

agreed. secure tokens and the like; may make this process not as straightforward as it might seem//

https://github.com/grahampugh/erase-install

the above script may assist with easily reinstalling the macOS in a semi automated manner. 

AJPinto
Honored Contributor III
In response to mschlosser

Wednesday

I have found using the erase all contents button on the devices inventory record and wiping the device with the MDM commands to be quite effective most of the time. Every now and again the OS does not install and you need to deal with recovery, but its pretty rare.

0 Kudos