I’d counsel calling it something apparent like “API MDM Removal”. Log into your vacation spot Jamf Pro server and create a new account. I’d recommend the username “ReEnrollerAPIEnrolment” to make issues simple. I’m planning on a two submit mini-series with this half 1 overlaying some background data in addition to suggested setup particulars. Part 2 will look to cover the process and a few troubleshooting suggestions. ReEnroller will now create a model new enrolment invitation on the destination server and enrol to it 1.
Ideal if shifting providers or altering the Jamf Management URL. @piotrr @bryce I was questioning the identical, if the default browser is Safari, will the users not be prompted with a re-registration? This is essentially bad trumpadjacent seth meyers the most annoying/frustrating downside, to randomly again and again be requested to register a tool you already have registered.
If this fails, ReEnroller will revert the enrolment back to the source server. It is possible to really edit your present installers to work with Apple Silicon (they’ll still require and run through the Apple Rosetta 2 translation environment). The good news is these new packages will work on both Intel and Apple Silicon units automatically, so you’ll likely not need to keep duplicates of the packages. The bad news is the packages will set up considered one of two different variations of CCDA depending on the structure you’re deploying to. Something to listen to and maybe pre-warn your users about if you’ll be trying to migrate your setup.
When the token refresh fails for twenty-four hours or more, Jamf Pro marks the system as unresponsive. You will have to have a consumer account that has Global Admin permissions in Azure. You must have a person account that has Microsoft Intune Integration permissions within the Jamf Pro console. Suggestions for troubleshooting a few of the commonest issues if you integrate Jamf Pro for Mac devices, with Microsoft Intune.
You may get the following details within the error log. If you’ve enrolled macOS units into your source server with DEP and a non-removable MDM Profile , you’ll need to setup an account on the source Jamf Pro instance in order to remove the profile. Once the configuration choices and necessities are clear, it’s time to have a look at the configuration of the Microsoft Enterprise SSO plug-in. The configuration for iOS/iPadOS and macOS units is identical. That platform distinction will be certain that the right configuration is utilized to the proper app. The following eight steps stroll via the steps to configure the Microsoft Enterprise SSO plug-in.