0

Apple DEP/Apple Device Enrollment Debug Log

Posted on 16th June 2020

When building DEP Pre-Stage enrollments, you may wish to have eyes on some advanced logging output. We can turn on Debug mode for DEP/ADE on a per-machine basis by doing the following to that machine.

  1. Boot the machine into recovery mode after you have completed a clean install of the OS. (CMD + R at boot).
  2. Once booted, go to Utilities -> Terminal.
  3. Run the following 4 commands:
    • defaults write /Volumes/Macintosh\ HD/Library/Preferences/com.apple.apsd EnableDetailedLogging -bool TRUE
    • defaults write /Volumes/Macintosh\ HD/Library/Preferences/com.apple.MCXDebug debugOutput -2
    • defaults write /Volumes/Macintosh\ HD/Library/Preferences/com.apple.MCXDebug collateLogs 1
    • touch /Volumes/Macintosh\ HD/var/db/MDM_EnableDebug
  4. Quit Terminal and reboot the machine and begin your enrollment process. You will see a new log that will output to /Library/Logs/ManagedClient/ManagedClient.log

Once you have generated the log, you can disable the debugging mode by opening terminal while normally booted and logged into the OS.

  • sudo rm -f /var/db/MDM_EnableDebug
  • sudo rm -f /Library/Preferences/com.apple.MCXDebug.plist

Hopefully this helps you easily discover what is causing your enrollment process to fail.