If you plan to configure Jamf Connect settings that should only be used during enrollment with Jamf Pro, you can create a separate configuration profile for these settings.
This allows you to use a smart computer group to apply the settings during Automated Device Enrollment, and automatically remove the settings from computers after setup is complete.
Common settings include:
Acceptable use policy settings
Notify screen script
authchanger command-line arguments that enable the Notify screen
In Jamf Pro, click Computers in the sidebar.
Click Smart computer groups in the sidebar.
Create a smart computer group that includes computers that successfully enrolled with Jamf Pro and have Jamf Connect installed.
You can choose the "Jamf Connect - FirstRunDone" extension attribute or any other criteria that indicates computers in your environment completed their initial setup.
Criteria
Operator
Value
Jamf Connect - FirstRunDone
is
FirstRunDone
Click Save .
Click Configuration profiles in the sidebar.
In Jamf Pro, navigate to and configure enrollment-only settings in the com.jamf.connect.login preference domain.
If your organization uses the notify screen, add a custom PLIST file that enables the Notify screen on computers.
In the Preference Domain field, enter com.jamf.connect.authchanger.
In the Property List field, add or upload the following:
Click the Scope tab and add the smart group that includes computers that successfully enrolled with Jamf Pro and have Jamf Connect installed as an exclusion.
This ensures that the enrollment-only settings are removed after enrollment.