Hey Hexnode, I’ve been trying to push a couple of policies to our macOS devices, and I’m getting the following error.
“Device profile policy association is successful. User profile policy association has failed. User token could not be fetched to the server.”
It seems like this is happening only on a few devices, not all. Can someone explain what this means?
17 Views
Hey @josiah, Thanks for reaching out to Hexnode Connect.
The error you are referring to can be seen in certain scenarios, and is tied to how macOS handles user identity during MDM enrollment.
When a macOS device is enrolled, Hexnode maps the policy association to the user account that performed the enrollment. If the device is later being used or logged into with a different local user account, macOS won’t return the required user token, which leads to the failure you’re seeing in the user profile part of the policy.
That explains why your device profile applies successfully (since that’s machine-level), while the user profile fails.
Here’s how you can fix it:
Please try the following steps on the devices where user profile policies are failing:
|
1 |
sudo profiles renew -type enrollment |
This resets the current logged-in user as the default enrolled user, which allows macOS to generate a fresh user token. After this, your user profile policies should start associating successfully.
If you run into anything else or need further assistance, feel free to reach out; we’re always happy to help.
Best regards,
George
Hexnode UEM
Don't have an account? Sign up
