Replies: 7 comments 19 replies
-
Hi Rob, Would you mind showing some more steps to reproduce this? I.e. how do you enroll a VM and install an MDM profile? |
Beta Was this translation helpful? Give feedback.
-
So when I pull the tart image from ghcr.io/cirruslabs/macos-sequoia-vanilla:latest Looking at the config.json at the root of ghcr.io/cirruslabs/macos-sequoia-vanilla:latest the hardware ID: "YnBsaXN0MDDTAQIDBA-blabla-AAAAAAAAAkAAAAAAAAAAAAAAAAAAABt" I clone from ghcr.io/cirruslabs/macos-sequoia-vanilla:latest to Looking at the config.json at the root of macos2 the hardware ID is different!! I clone my packer image the hardware id of my OCI and my clone are the same. That is the error I am getting and I am wondering what makes your image different than mine @edigaryev Any insight to this issue would help me out! What you do vs what I am doing! |
Beta Was this translation helpful? Give feedback.
-
Yes! Deleted everything that I had locally so a Step 1)
Step 2)
Step 3)
Step 4)
That is the steps I take and the images that I get form you are the only ones that change the |
Beta Was this translation helpful? Give feedback.
-
@edigaryev Thank you for all your help I did a bunch of testing. There is no problem with the I think I found the reason and wonder why it doesn't affect your packer images but there is a keychain issue. Within the system there are: /Library/Keychains/apsd.keychain When I manually delete all these files and do a reboot, I can enrol the device with a MDM profile. I just now added a shell provisioner to my packer build file to delete the files and then will see if I can enrol the device. |
Beta Was this translation helpful? Give feedback.
-
@edigaryev its the keychains for some reason.. Once I blow away all the keychains i can reboot and enroll. With your packer images, do you do anything with the keychains? What hardware builds them? Thanks |
Beta Was this translation helpful? Give feedback.
-
If I pull this image from the repo, no issues with the enrollment, as in don't have to delete the keychain. If build locally issues |
Beta Was this translation helpful? Give feedback.
-
Context:
Building Custom Packer Image with Tart Provisioner
Following the completion and upload of the build to the OCI repository, the image is downloaded, cloned, and then configured with Tart to create a new Mac and serial number for the virtual machine.
tart set --random-mac --random-serial <nameofvm>
The VM is enrolled, but an issue arises. Although the MDM profile is installed, it is stalled. Upon a reboot, the following startup message is displayed: after this message, the MDM profile is functional, but the device is incompletely enrolled.
This behaviour does not occur when using VM images from the Tart public registry.
Could anyone provide an explanation or have encountered this issue before?
Beta Was this translation helpful? Give feedback.
All reactions