Online Open Directory services? Can we install profiles before setting up Macs?
At long last, yes you can set up management for zero touch deployment through a couple avenues.
- Use an Apple Service called Device Enrollment Program which is now part of the Apple Business Manager service / web app. https://business.apple.com
- Use a product to leverage the login process and install a tool like Jamf Connect which lets you run scripts and check in with a directory before any user logs in. https://www.jamf.com/products/jamf-connect/
You can even combine both so that when you purchase a Mac and ship it, it will be enrolled in the management framework, have certificates and helper scripts loaded so that you can leverage cloud identity providers like Okta or Azure AD or roll your own LDAP/OD as the Jamf Connect is based on an open source NoMad project which was acquired and now is enhanced and has become Jamf Connect.
- https://gitlab.com/Mactroll/NoMAD
The implementation of this is quite broad, but there are professional resources and communities to help. I would start with JAMF pre-sales support and consider joining the Mac Administrators Slack if you want guidance and mentoring more than a Q&A site like this (and I would recommend both, tbh)
- https://macadmins.herokuapp.com/
- https://scriptingosx.com/2018/06/macadmins-slack-a-highly-opinionated-guide/