Zero Touch DEP, how to prompt the user to set a computer name and bind it to Active Directory.

New Contributor II

Hey guys,

So I'm trying to set up a Zero Touch Deployment process in which we can hand the person a laptop in a box with some instructions and they'll be able to set up the laptop themselves.

We have managed to get the Prestage Enrollment done in which it creates a local admin account and also uses a network admin account.

However we need to name the machine and then bind it to Active Directory (this is usually done when we run a sudo jamf policy script on terminal).

I've found a few things online but they haven't worked in allowing the naming of the machine beforehand. If we need to we don't mind allowing the user to name the machine themselves, the issue is then binding it to Active Directory.

Ideal what we'd like is for the machine to have MDM, then user names the machine, then binding to Active Directory and then running the additional script to install applications etc.

Any advice?



Valued Contributor
Valued Contributor

@nomad123 I can definitly help you with this, hit me on #slack if you would like to

Have a look at Ceremony

  • Configure and deploy Ceremony
  • Capture User Input with Ceremony (take a look at the Ceremony website to get the idea) You can set a pattern, and validate the user input with a regex validation
  • Gather that user input with Jamf Pro and use that stored value to set the computer name with scutil
  • After correct username has been set, you can easily bind to AD


Contributor III

@nomad123 have a look at this. you can do everything you want with type of process. You can also do a similar thing with DEPNotify and as mentioned Ceremony. It's all about getting the workflow scripted. I presume you use Jamf so the easy way to do the bind is with a jamf bind policy called after the computer naming is done.

Contributor III

Have you looked into your namesake NoMAD and NoMAD Login AD. This person has great step by step instructions on how to use DEPNotify and NoMAD to deploy and properly name user accounts. I also would ask do you need them to bind to AD. I will say once we deployed NoMAD we abandoned binding as it was more trouble than it was worth.