Login

r/jamf

▲ 5 r/jamf

Filevault 2 Encryption

I feel like I'm going to lose my mind here, so I am going to need some help. I have a configuration profile to set up disk encryption upon first login. I am looking under inventory, and it says that the Filevault 2 partition is encrypted but FileVault 2 is not enabled. When I look at the mac it says it is encrypted, when I do fdesetup status in terminal it's encrypted and when I look at the different volumes the data partition is encrypted.

I read a post here a while back that said it's an issue with Mac that Apple is looking into so is that still the case or am I missing something?

reddit.com
u/Jesse_graham — 7 hours ago
▲ 4 r/jamf+1 crossposts

[Help] DEP Enrollment "Success" but Jamf Binary is not there - no complet rollout possible - M5 Pro MBP / macOS 26.4.1

Hey everyone,

I’m hitting a wall with a brand new MacBook Pro (M5 Pro chip) running macOS 26.4.1.
I’m wondering if anyone else is seeing issues with the initial management framework bootstrap on this hardware.

The Situation: The device goes through the Automated Device Enrollment (DEP) perfectly fine. The "Remote Management" screen appears, the user logs in, and the setup assistant completes.

The Problem: The device is in a "Zombie" state.

  • profiles status -type enrollment says: Enrolled via DEP: Yes.
  • In Jamf Pro, the device record is stuck as a "Placeholder" / Unmanaged.
  • NO Jamf Binary: /usr/local/bin/jamf does not exist.
  • No Self Service, no identity certificates in the Keychain.
  • The "Allow Jamf Pro to perform management tasks" checkbox in the inventory is NOT checked.

What I’ve tried so far:

  1. PreStage Tweaks: Verified account settings (Set to Administrator), tried with and without custom Enrollment Packages.
  2. The Rosetta Clue: I tried pushing the Company Portal as an enrollment package. It triggered a Rosetta 2 installation prompt, which makes me think the initial bootstrap is timing out or failing because of some Intel-legacy dependency during the M5 bootstrap process.
  3. Manual Nudges: Ran sudo mdmclient selfrequest mdm.InstallManagementFramework and sudo profiles renew -type enrollment. Commands return success, but no binary ever lands.
  4. Network: Tested on a clean mobile hotspot to bypass VPN/Firewalls. Same result.
  5. Wipe & Retry: Done this 5+ times with different PreStage configs.

My Questions:

  • Has anyone encountered issues with the Jamf binary bootstrap on the M5 Pro silicon specifically?
  • Is there a way to force-install the binary on macOS 26 when the MDM channel is open but the binary won't deploy?
  • Is the current Jamf binary still reliant on Rosetta for the initial install on M5 chips?

I have a ticket open with my MSP/Jamf, but I’m under a massive time crunch to get this high-priority device deployed. Any insights would be life-saving.

#Jamf #macOS26 #M5Pro #DEP #SysadminLife

reddit.com
u/85Blickwinkel — 3 days ago
▲ 1 r/jamf

Deploying Adobe Creative Cloud apps via Self Service?

Hi,

New to JAMF Pro, and trying to come up with a workflow to allow users to self-install Adobe CC apps via Self Service. I've created installer packages for the needed apps via the Adobe admin console, uploaded to JAMF Pro and created policies to install each app, and made those policies available via self service.

This kind of works, but there are two main issues we're encountering.

Issue 1 - it seems we're seeing a lot of issues with the policy failing because the download of the pkg file from JAMF Pro fails:

Downloading https://mycompany.jamfcloud.com/jcds/downloads/Photoshop%2520for%2520JAMF_en_US_MACARM.pkg...
Error: Package was not successfully downloaded. -1005
The network connection was interrupted while downloading the package from https://mycompany.jamfcloud.com/jcds/downloads/Photoshop%2520for%2520JAMF_en_US_MACARM.pkg. Attempting to reconnect...
The network connection was interrupted while downloading the package from https://mycompany.jamfcloud.com/jcds/downloads/Photoshop%2520for%2520JAMF_en_US_MACARM.pkg. Attempting to reconnect...

This is on a test Mac at our office, which has a very fast and very reliable Internet connection, so I don't think the issue is on our end. If we run the policy several times it'll eventually work, but this will be confusing for end users who expect to click the install button and have it "just work".

Issue 2 - In testing, I frequently see the install process take 20+ minutes. I get that part of this is just the fact that Adobe apps take a long time to install, but I wish there was a way I could give the end user some sort of visual progress indicator while the app is installing so they see something other than a spinning icon in Self Service. We've seen users cancel the process because they think it's taking too long. Part of that is just a need for user education, but I was wondering if anyone has managed to wrap Adobe installers so it gives the user some sort of progress bar?

reddit.com
u/vrtigo1 — 10 days ago
▲ 3 r/jamf

Smart User/ Device Group for teachers

Context:
We are getting a pool of roughly 200 new devices/ year. The pool is supposed to supply students & teachers and have spare devices in case a device needs to be replaced or new students arrive.

Problem:

Student and faculty devices are supposed to be configured differently. But I can't find an option to make a smart group based merely on status "teacher". There is an option to make a smart group based on teachers of certain classes, but I would love a way to have a smart user/ device group just based on the binary teacher/ student differentiation.

I can't imagine that this is not a common scenario to roll out profiles just based on this, but I can't figure out how without manually updating a teacher's list.

I'd appreciate your input!

reddit.com
u/Somuenster — 6 days ago
▲ 8 r/jamf+1 crossposts

Posted about this a little while back... heads-up that it's today.

We're running it as a Q&A this time. Kevin White (creator of S.U.P.E.R.M.A.N.) is joining us live and we're keeping it conversational. Same advertised topic (super and macOS updates), just more open-floor than slide-deck.

Bring questions about:

  • What's new in the latest version of super
  • How super is handling recent macOS update changes
  • Edge cases, deployment patterns, whatever you've been stuck on
  • General "state of macOS update management" stuff

Today, Fri, May 1 @ 12:00 PM Mountain Time:
https://rocketman.tech/lp-r

Recorded and posted to YouTube after if you can't make it:
https://rocketman.tech/ly-r

Link to previous discussions:

u/RocketmanTech_Nova — 12 days ago
▲ 3 r/jamf

DDM driven updates fail to verify on iPadOS

Hey there,

I am trying to use blueprints to update iPads in my fleet, but after they download the update it just fails to verify. They also strangely try to install 18.7.8 instead of 26.4.2 whenever using the "install latest update" option. The "ignore major updates" flag is turned off, so I don't understand why that would happen. Affected devices are all on various iPadOS 18 versions and are each 11 inch m3 airs. I am kind of at my wit's end with this to be honest. Has anybody had similar experiences with managed updates on iPads?

reddit.com
u/More_Yard1919 — 8 days ago
▲ 0 r/jamf

I have tried everything that I can from a google search.

I've used Configurator, on device enrolment, and various other things AI has suggested to me. (Don't judge lol, I am just a lowly elementary school teacher)

I can get it supervised, which will pump through all the apps I want, but it won't handshake with ASM so that it can be supervised.

Is it a lost cause?

reddit.com
u/Budget_Appearance_69 — 12 days ago
▲ 38 r/jamf+1 crossposts

>A Mac Admin quality-of-life update to the new favorite MDM-agnostic, “set-it-and-forget-it” reminder with improved multi-language support, granular control for displaying IT Support information and a new, easy-to-use reminderDialogPreferenceTest.zsh script for validating preference configurations and dialog appearance in real-time

Overview

While Apple’s Declarative Device Management (DDM) provides Mac Admins with a powerful way to enforce macOS updates, its built-in notification is often too subtle for most administrators.

DDM OS Reminder intelligently resolves DDM-enforced macOS update deadlines from recent /var/log/install.log activity, while using a declaration-aware resolver which prioritizes applicable enforced-install signals. End-user reminders are suppressed when declaration state is missing, conflicting, or invalid, only honoring setPastDuePaddedEnforcementDate when it safely matches the resolved declaration, before using a swiftDialog-enabled script and LaunchDaemon to deliver a more prominent end-user reminder dialog.

New Features

  • Granular Control for Displaying IT Support Information: New HideSupport* preferences allow Mac Admins to easily choose which IT Support fields are displayed to their end-users.
  • Use Resources/reminderDialogPreferenceTest.zsh when you want to easily validate dialog copy, localization, branding, support contact details, button visibility, and infobox rendering from deployed preferences without waiting for an actual DDM deadline.
u/dan-snelson — 13 days ago
▲ 5 r/jamf

Does anyone have your Jamf Pro instance set up so it pulls serial numbers and Asset Tag data (and Misc data) from ServiceNow or ABM so we don't need to manually enter it in the inventory preload sheet.

Any tips on managing inventory would be great. TIA!

reddit.com
u/Pitiful-Worry4156 — 13 days ago