In some situations, a managed computer can enter a state where MDM commands process normally, but functionality that relies on the Jamf management framework is consistently failing. In this state, policies fail to execute and the Jamf Pro logs report "Device Signature" errors for the computer.
To restore management with the Jamf Pro server, the Jamf management framework should be reinstalled on the affected computer. As long as the MDM profile on the computer is still valid, you can use Jamf Pro to redeploy the Jamf management framework using the v1/jamf-management-framework/redeploy endpoint in the Jamf Pro API.
When reinstalling the Jamf management framework via this endpoint, Jamf Pro will clear or retain information for that computer based on the global re-enrollment settings you have configured. In addition, any policies scoped to the computer with a trigger of "enrollment complete" will be executed again. For more information, see Re-enrollment Settings in the Jamf Pro Documentation.
Leveraging Jamf Routines to Redeploy the Jamf Management Framework Automatically
You can configure Jamf Routines to automatically redeploy the Jamf management framework to a group of computers that are likely to be in this state (example: "computers that have not checked in in more than 30 days"). For more information, see Routines Template Reference in the Jamf Routines Documentation.
Jamf Routines is available for Jamf for Mac, Jamf for Mobile, Jamf Enterprise plan or Jamf Business plan customers. Device minimums apply for Jamf for Mac and Jamf for Mobile customers.
Jamf Pro 10.36 or later
A valid MDM profile and network connection on the target computer
The following privileges in Jamf Pro:
- Jamf Pro Server Settings: Computer Check-in Setting
Jamf Pro Server Actions: Send Computer Remote Command to Install Package
Jamf Pro sends an MDM command to reinstall the Jamf management framework on the target computer.