FR - Add minimum macOS Version Check for ADE #159
Description
Problem:
As devices age out we want to prevent users enrolling older or unsupported devices. We currently force devices during ADE to upgrade to latest macOS based on hardware using JAMF. This is fine for supported models, however a user can currently still enrol an ADE device with macOS 11, 12 and now 13 installed as the latest OS - even though they are all end of life.
Currently I have a script that runs during pre-stage (before JSM installs) to check macOS version and (not very gracefully) interrupt the ADE process and reboot the device, rendering it unusable.
Where JSM can help:
During the 'Getting Ready' phase it would be ideal at this point to check the macOS version and if it falls below an admin defined value in the config it simply halts and displays a custom message - usually in our case directing the user to contact our Service Desk
'Sorry, we cannot proceed with setup of your device. Your device (macOS 13) no longer meets the organisations minimum macOS requirements (macOS 14), please contact the Service Desk to arrange for a replacement device'
This keeps the device enrolled (so we have sight of it in JAMF) but does not allow the user to proceed and/or use the device. If they reboot or try to force quit JSM - at the next reboot it will just loop back into JSM due to the completed flag file being missing.