- Jamf Nation Community
- Products
- Jamf Pro
- Macbook Air MDM Capability = No
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-29-2014 07:21 PM
We have enrolled more than 40 Macs using QuickAdd package and they all have worked fine. One of the Mac has installed the MDM profile but it is not installing the configuration profiles and also the MDM Capability is No. We have setup smart groups for configuration profiles which just pick up the Macs right after the enrolment but in this case its not working even after Mac was left overnight. Any suggestions.
Solved! Go to Solution.
1 ACCEPTED SOLUTION
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-30-2014 04:58 AM
Not sure if it's what you're seeing, but for us MDM Capable No for us has always come down to serial number being blank, and in one machine serial number was missing one character some how in system profiler. Worth checking.
13 REPLIES 13
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-30-2014 04:58 AM
Not sure if it's what you're seeing, but for us MDM Capable No for us has always come down to serial number being blank, and in one machine serial number was missing one character some how in system profiler. Worth checking.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-30-2014 05:57 AM
The fix for us was as follows (from JAMF Support):
"Finally, if we are using the JSS's Built in CA to generate our SSL certificate could we please refresh this by going to JSS> Settings>Apache Tomcat>Change the SSL certificate used for HTTPS>Generate a certificate from the JSS's built-in CA."
Systems were OK when they next checked in, we didn't need to re-enroll clients.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-30-2014 06:05 AM
It sounds like your JSS is setup properly, since you have other machines that are working. So I would turn to that specific machine. In the instances where I've had that problem, I've simply enrolled the machine using the JAMF binary:
jamf enroll -promptThat has corrected MDM troubles for me in the past.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-30-2014 07:54 AM
@stevewood][/url
we have Ms Office which gets installed automatically after the JSS enrolment is completed so as I mentioned above that MDM profile is being installed successfully so the Ms Office gets installed automatically on JSS enrolment. The problem is that I do have two configuration profiles i.e. WiFi and Dock which is not picking up at all. Also the MDM commands like Lock Computer etc are not available. I had tried the command you mentioned but no luck.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-30-2014 07:55 AM
We were having similar issues with config profiles and our account team came up with this solution that worked instantly on hundreds of machines through a policy. It will just remove the Casper MDM profile and then reinstall a new one which for us brought down all other config profiles right away as well.
#!/bin/bash
jamf removeMdmProfile
jamf manageOptions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-01-2014 06:44 PM
@CasperSally][/url
can't believe this, the serial number in the Macbook Air is replaced with string "System Serial#" you were correct.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-02-2014 04:55 AM
@khurram glad I could help. The one machine we had missing one character in serial had us troubleshooting on and off for way too long.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 01-15-2015 01:13 PM
@tron_jones thanks for your solution, worked great.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-03-2015 10:20 AM
Thank you @tron_jones
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-10-2015 11:45 AM
I've tried @tron_jones method, checked the serial number on the machine and what is being reported in the JSS, and re-enrolled the machine using a quickadd pkg.
Are there any other methods for resolving MDM capabilities : No ?
The MDM profile is on the machine...
I'm running 10.11.2.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-16-2016 03:32 PM
I'm getting same issue enrolling 10.11.3 clients w/ jss v9.82.
What cause our issue was the SSL certs we have is using sha-1. Upgraded to SHA-2 all happy happy .
What threw us out was that 10.10.5 clients are enrolling happily using sha-1.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-24-2016 09:11 AM
@tron_jones how did you determine what computers needed those commands run via the JSS?
Did you create a static group that you updated every so often by checking the DB or were you able to come up with a smart group?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 03-19-2021 03:12 AM
The perfect solution is without doing the action
sudo jamf mdm -userLevelMdm
sudo Jamf manage
MDM Capability: Yes will be changed
