I'm posting this in case others encountered this issue with bootstrap
tokens on macOS 10.15. Particularly, we were running Jamf Pro 10.23.0
but were still seeing our devices show that tokens were not supported on
the server. Checking the status:sudo ...
I'm having the same issue and found your thread. If you did find a
solution let me know, otherwise I might put in a ticket with Jamf
Support to see if they're aware of any issues.Edit: Figured it out. The
issue is the DNS payload is ignored when you ...
If you haven't already, make sure your VPN configuration is adding a
search domain that matches the Kerberos SSO extension so that it knows
to send queries for that domain to your internal DNS server over the
My script is long and does several things to validate if a bootstrap
token is required, if our administrator account is there, has a secure
token, etc., but once that's done to install the token I'm just using
this:echo "[Information] Attempting to a...
My understanding is that once a device knows it can escrow the token, it
will do so after an existing user with a token signs in. There is an MDM
command that is sent to devices that you can see in the history called
"Settings - Bootstrap Token Allow...
This is likely of limited help, but we've been binding macOS Big Sur to
Active Directory without issue since launch (both on Intel and Apple
Silicon). I know Microsoft had some mandatory security updates last year
related to signing or LDAPS I believ...