cirruslabs / tart

macOS and Linux VMs on Apple Silicon to use in CI and other automations
https://tart.run

MDM Profile Install stalls #637

Closed robatjamf closed 9 months ago

robatjamf commented 10 months ago

MDM Install failure till restart

When using the (osversion)-base and enrolling that device into an MDM server like Jamf Pro, there is a stall, where no profiles come down... some sort of detached sync. To get the profiles to download a restart needs to be restarted for an update.

Hard to test enrollment workflows or MDM workflows with this bug...

fkorotkov commented 10 months ago

We are not MDM experts here, unfortunately, but have you seen @dan-snelson's blog post about Jamf Pro enrollments with Tart? Maybe it can help?

robatjamf commented 10 months ago

I work at Jamf and can help! Not an expert... but can help here. I will do some digging and see what I can figure out!

fkorotkov commented 10 months ago

Hey @robatjamf, have you found anything?

robatjamf commented 10 months ago

Sorry, been busy with another project, can look at this next week if that is okay.

fkorotkov commented 10 months ago

Totally! I was just going around open issues and checking status of them.

robatjamf commented 10 months ago

Okay been testing today and I think I might have figured it out but going to do some more testing. Thanks

robatjamf commented 10 months ago

Okay figured it out

oci ghcr.io/cirruslabs/macos-sonoma-base:latest - MDM profile installs but doesn't actually do anything till a restart and notice if there are changes a restart is needed to "refresh" the OS. Something is up there...

oci ghcr.io/cirruslabs/macos-sonoma-vanilla:latest - MDM installed and works normally, will just use this image

So the issue that I have is with the base image. I can compare the packer templates and see if there is something interfering with MDM within the base image

fkorotkov commented 10 months ago

One major difference between the images is that macos-sonoma-base doesn't have recovery partition. Do you think it can interfere?

motionbug commented 10 months ago

Interesting. I don't think that this would be an issue but I could test it... do you set that within your packer template? If so can fork and try my own version.

Thanks

fkorotkov commented 10 months ago

I'm sorry I was wrong. Both images are having the recovery partition removed to save space when pushing images remotely.

motionbug commented 10 months ago

checking it...

fkorotkov commented 9 months ago

Closing because it seems not a problem of Tart as VMM but rather that a VM is not compatible with MDM because it misses recovery partition.