Skip to main content

Create an MDM capable user on computers when using Jamf Connect Login

Updated over 3 months ago

Description

When enrolling a computer via a PreStage enrollment using Automated Device Enrollment, users created during the Setup Assistant will be MDM-enabled; however, if Skip User Creation is selected in the PreStage enrollment and the local user account was created via a policy or Jamf Connect, then the account will not be MDM-enabled.

Creating an MDM Capable User

If an MDM capable user is required for a workflow (EDU profile, user-level network configuration profile, etc.) it may be best to look at leveraging the steps in the Tech Thought's blog to ensure that the user is created with MDM capability, while still using Jamf Connect for other tasks such as ongoing password synchronization.

To get an MDM capable user on computers on macOS 11 or later that are already enrolled, unenroll the device and then re-enroll using an option below:

  1. Automated Device Enrollment: In Terminal run sudo profiles renew -type enrollment

  2. User-Initiated Enrollment: By default, the logged-in user on the computer will be MDM-enabled after enrollment.

Related Articles
Classes are not showing in Apple Classroom on a computer managed by Jamf School
Using profiles -type enrollment commands with Jamf School
User and Device Level Configuration Profiles in Jamf Now
Can We Create an MDM-Capable/MDM-Enabled User with Jamf Connect and Automated Device Enrollment?
Restore Deleted Device or Computer Record from Jamf Pro
Did this answer your question?