Managing macOS devices in a large-scale enterprise environment always need IT expertise. Even with a powerful MDM like Jamf Pro, IT admins often need to dive into the command line to truly get to the root of issues.
In this blog, we will walk through real-world command-line troubleshooting techniques for both macOS system issues and Jamf Pro management. Whether you're dealing with failing profiles, app crashes, or failed policies, this post has your back with real commands that work.
Getting Started: System Info at Your Fingertips
Before troubleshooting, gather critical system details:
Get system version:
sw_vers
List all installed system updates
softwareupdate –history
Hardware overview
system_profiler SPHardwareDataType
Check uptime
uptime
Check disk usage
df -h
Network Troubleshooting
Network issues can sabotage everything—from app installs to MDM communication.
Get current IP and interface details
Ifconfig
Test DNS resolution
dig www.apple.com
Check default gateway
netstat -nr | grep default
Ping Jamf Pro server
ping your.jamf.server.com
Test port connectivity (useful for MDM)
nc -vz your.jamf.server.com 8443
Jamf Agent & Daemon Health
Check whether the Jamf framework is working as expected:
Confirm Jamf binary exists
which jamf
Check Jamf version
jamf -version
Run all policies manually (force check-in)
sudo jamf policy
Enroll device manually
sudo jamf enroll -prompt
Check MDM profile status
sudo profiles -P
View MDM framework logs
log show --predicate 'eventMessage contains "mdm"' --info --last 1h
Profiles & Configuration Issues
MDM profile issues are super common especially with Wi-Fi, VPN, or Security payloads.
List all installed profiles
profiles -C
Remove a specific profile by identifier
sudo profiles -R -p <profile-identifier>
Reinstall MDM profile (if permitted)
sudo profiles renew -type enrollment
Tip: If profiles fail to install, check system.log or run:
log show --predicate 'eventMessage contains "Profile installation failed"' --last 1h
Application & Process Troubleshooting
Trouble with app installs or behavior.
List all installed apps
ls /Applications
Check specific app version
defaults read /Applications/Safari.app/Contents/Info CFBundleShortVersionString
Kill and relaunch a hung app
killall "Microsoft Word"
Monitor real-time CPU usage
top -o cpu
Login, Boot & System Launch Daemons
Apps and scripts failing at login or boot? Inspect LaunchAgents and LaunchDaemons:
List all LaunchAgents
ls /Library/LaunchAgents
List all LaunchDaemons
ls /Library/LaunchDaemons
Check status of a specific LaunchDaemon
sudo launchctl list | grep "com.jamf"
Load or unload a LaunchDaemon manually
sudo launchctl unload /Library/LaunchDaemons/com.company.script.plist
sudo launchctl load /Library/LaunchDaemons/com.company.script.plist
FileVault & Security Status
Security compliance issues? Check FileVault and Gatekeeper:
FileVault status
fdesetup status
Check Secure Token users
sysadminctl -secureTokenStatus yourusername
Gatekeeper status
spctl --status
System Integrity Protection (SIP) status
csrutil status
Jamf Binary Diagnostics
Still unsure what's happening? Use verbose Jamf logging:
Verbose policy runs
sudo jamf policy -verbose
Run recon to update inventory
sudo jamf recon
View Jamf logs
cat /var/log/jamf.log
Cleanup Tools & Reset Commands
Sometimes a cleanup is all you need.
Flush DNS cache
sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder
Clear user/system cache (use cautiously)
rm -rf ~/Library/Caches/*
sudo rm -rf /Library/Caches/*
Reset printing system
sudo rm -r /System/Library/Printers/
sudo rm -r /Library/Printers/
Wrap-Up: Proactive Beats Reactive
Command-line skills are your best defense when Jamf Self Service doesn’t launch, apps refuse to deploy, or profiles mysteriously disappear. Combining Jamf Pro's remote management with these hands-on terminal commands creates a powerful, efficient support model.
Use these tools not just to fix but to prevent. And don't forget to automate frequent solutions via Jamf Scripts and Policies!
