FR: Create a "Is managed check"

By: USER8444
13 Maret 2026 Jamf-Concepts actions 5 minutes
4.5
31 views 31 comments 21 shares

Question

Grade: Education Subject: Jamf-Concepts actions
FR: Create a "Is managed check"
Asked by:
31 Viewed 31 Answers

Answer (31)

Best Answer
(524)

When in association with Apple Configurator 2, devices that erase or Return to Service loop as the device sees a new plug-in and a pending erase command is sent up to the device record after the initial wipe. Create a task that can be run prior to the erase that verifies if the device is managed. If it is managed, proceed with the wipe. The wipe causes the record to be marked as unmanaged and after reboot when a "plug-in" is detected, the check sees the device is not enrolled and will not issue a wipe

Answered on 13 Maret 2026
(2775)

Answer:

To create a "Is managed check" that verifies if an Apple device is managed before initiating a wipe or erase command using Apple Configurator 2, follow the steps below:

  1. Create a new script: In Apple Configurator 2, go to the Library tab and click on New Script. Name the script, for example, CheckDeviceManagementStatus.scp.

  2. Add the following script code:

#!/bin/sh

# Get the device's management status using the system_profiler command
management_status=$(system_profiler SCDynamicStore -xml | grep -E '(<key>Management[[:space:]]+:</key>.*<string>[[:space:]]+Managed)</string>' | sed 's/<[^>]*>//g')

# Verify if the device is managed
if [[ "$management_status" == "Managed" ]]; then
  echo "Device is managed."
  # Proceed with the wipe or erase command
  # Replace <your_erase_command> with the actual erase command
  # For example: /usr/sbin/dpkg-reconfigure -plow dhcp3-client
  #/usr/sbin/<your_erase_command>
else
  echo "Device is not managed."
  # Display an error message and exit the script
  echo "Error: Device is not managed. Aborting wipe/erase command."
  osascript -e 'display notification "Device is not managed. Aborting wipe/erase command." with title "Error"'
  exit 1
fi

Replace <your_erase_command> with the actual erase command you intend to use.

  1. Save and close the script: After adding the script code, save the script and close the script editor.

  2. Create a new action: Go to the Actions tab and click on New Action. Name the action, for example, CheckDeviceManagementStatusAndWipe. Add the new script as a step in the action.

  3. Configure the action: Configure the action to run before the wipe or erase command. For example, if you are using the Automated tab to manage devices, you can add the action to the Prepare phase.

  4. Save and apply the configuration: Save the configuration and apply it to the devices you want to enforce managed status before wiping or erasing.

With this setup, the "Is managed check" task will run prior to the erase or wipe command, and if the device is managed, it will proceed with the command. If the device is not managed, the check will display an error message and abort the wipe or erase command.

Answered on 13 Maret 2026

Related Articles

DeleteClusterData has no timeout on unbounded SCAN+DEL

54 views 54 comments

[Feature] XMPP channel adapter is stub implementation

53 views 53 comments

Failed to list files, Directory not found

41 views 41 comments

Proposal: HKUST NLP Group Website

33 views 33 comments

Security: API authentication and TLS (Phase 1 — Critical)

57 views 57 comments

How do I use the 'Find & Replace' feature to resolve XL100 errors in specific cells?

84 views 84 comments

Analytics Dbt

13 views 13 comments

[BUG] SECURITY: claude-in-chrome built-in MCP controls browsers cross-device without consent or device pairing + full session inheritance

137 views 137 comments

Recommended Articles

Lowongan Kerja Terbaru (Maret 2026)

36 views 35 comments

Wahyu Widagdo Purnomo | AVP | Tech Builder | Corporate Athlete

63 views 62 comments

Cheat Point Blank Pekalongan

29 views 28 comments