Help

APNS & Configuration Profile issues

josh-the-tech
New Contributor

Posted on ‎11-04-2015 01:55 PM

We recently had to restore our JSS from a backup, which we discovered was a week old. This caused our Push Certificate to stop working as there was a notice saying it had expired (it hadn't). After much head scratching, our Apple Deployment Specialist resorted to getting new certificates, of which we will be required to re-enroll devices (something we can deal with).

However, after removing and re-enrolling a Mac, it's still not installing the configuration profiles. The new MDM Certificate is there on the Mac and after doing APNS Logging, I can see it responding to a blank push. However the config profiles are just staying on Pending (or started) on the JSS. Does anyone have any clues?

0 Kudos
4 REPLIES 4

davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎11-04-2015 02:06 PM

There's a few possibilities. It might be there are old profiles or commands that are stuck in the JSS MDM queue. These can be cleared out from the MySQL table (best to ask JAMF support on the exact command and table).

The other possibility is a client side issue, something left behind by the previous MDM connection. Just to check (on one Mac), you could run sudo jamf removeFramework to remove Casper completely, check all profiles are gone in system preferences, delete the computer entry from the JSS and then re-enroll.

Let us know how that testing goes.

0 Kudos

josh-the-tech
New Contributor

Posted on ‎11-04-2015 02:11 PM

Thanks for the heads up. The original issue was related to the DB going all weird after trying to clear it down following JAMF's instructions so I think our Apple guy may be reluctant to do anything directly with the database. However I'll still mention it.

In regards to the client, I actually re-imaged the MacBook Pro to see if anything client side was causing it, however it was the same after re-image. I'll update tomorrow after discussing with our Apple guy. Thanks :)

0 Kudos

davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎11-04-2015 02:17 PM

No worries. Yep the MySQL commands can be pretty dangerous so you generally want to stop the tomcat process and understand the commands you're typing in!

It might be worth deleting the computer entry in the JSS and then re-imaging as I've had problems when I've left them there in the past. It should t always be needed but will be worth trying in this case.

0 Kudos

josh-the-tech
New Contributor

Posted on ‎11-05-2015 02:34 AM

Thanks for the info @davidacland. I've tried the removal from JSS and re-imaging process to no avail. I've linked this thread to our Apple Deployment Specialist so he can take a look at what you've suggested.

0 Kudos