Zero-Touch/DEP

nick_conway
New Contributor II

I'm curious if anyone works in an environment where zero-touch has a 100% (or incredibly close to) success rate. We are running into an issue where roughly 2 out of every 10 devices fail to reach the Remote Management page. Would love to find out what about our setup needs improvement to ensure a 100% success rate.

Thanks!

10 REPLIES 10

Cayde-6
Release Candidate Programs Tester

Usually if it’s not reached the Desktop then your looking at a network issue somewhere.

Apple is very sensitive when it comes to firewall, packet inspection etc

simon_brown
New Contributor III

With our setup, although we could go zero-touch and a lot of the time it works as intended but there are occasions where it doesn't and likewise the remote management page doesn't show so am not completely confident with that. At the moment our helpdesk will go through the setup with the user or do it for them. With the Macs that the remote management page doesn't show up, from what I've heard, usually wiping/reinstalling fixes that.

typeraj
New Contributor III

Have a read of this blog post, it could explain what you're seeing:

https://nstrauss.github.io/mitigating-mac-enrollment-failures/

nick_conway
New Contributor II

This has all very incredibly helpful and i thank you. One question I had in regards to process. We seem to have 100% success when working on an ethernet connection within our office. Any thoughts on whether or not we could turn the devices on, get them to the management screen so that Apple recognizes the device and approves it to download pre-stage, and then ship it off? Does Apple hold any historical record that this device once hit its system and approved it? This could be a silly question, but just trying to exhaust all options. Grasping at straws.

mconners
Valued Contributor

@nick.conway I thought I would jump in on this discussion. Our Apple SE told us we should ensure we hand out Macs that are on 10.15.6 or higher to remedy this situation. It was a sticky point a few months ago, but so far, knock on wood, we have been good.

nick_conway
New Contributor II

@mconners Thanks for the advise! Curious, how many devices are you deploying regularly and what would you estimate the success rate has been since ensuring they're all on 10.15.6?

mconners
Valued Contributor

@nick.conway before 10.15.6, I was getting maybe a 50% success of getting the new Macs to the remote management screen. After moving to 10.15.6 and eventually, 10.15.7, I believe we are at 100% now. We had a heck of a time of getting these new Macs handed out to folks. I had so many coming back because the instructions we handed out didn't match. I struggled with this and luckily I now have a process going forward to ensure success. For the life of me, I have no idea what was going on with pre-10.15.6 Macs.

nick_conway
New Contributor II

Has anyone run into Remote Management issues while ensuring deployment of 10.15.6 and/or 10.15.7 Macs? I'd love to hear if others have experienced the same success at @mconners because that would be fantastic.

user-CxHPRuoiws
New Contributor

Thanks for the link, keep sharing this type of info.

taylorducharme
New Contributor III

I got zero touch setup back in September and have probably pushed out about 60 computers since then and have had no issues. I have had issues earlier in the year with just hitting the MDM server but those were computers that had sat in storage for to long and the battery died and the date and time was off. After doing and erase and install of the OS it would always fix the issue and connect.