Add the munki installer when you need to select an application.I advice you to choose something that starts with DEP-xxx if you’re planning to create more device groups. Go to the “Devices” menu and create a new “Device Group”.There will be a separate blogpost why Jamf School names the package “Managed Software Center” and the version it retrieves.Choose: “Add In-House macOS Package” and upload your munki installer package.Upload your munki client in the “Apps” menu, by choosing “+ Add App”.Don’t forget to enable “Wait for the configuration to be applied before continuing the Setup Assistant” for your DEP profile.Create a DEP profile, choose a name that starts with DEP-xxxx and set your settings meeting your requirements.At the moment it isn’t necessary to notarise the package, because it is installed bij the MDM. Note: Jamf School signs the package when you upload it, some other MDM vendors you need to sign the package yourself. Steps to get this working with Jamf School. To use this script I advice you to read this article on the Munki github wiki: b Enable munki bootstrap mode (will fire as soon as DEP release the Mac to the LoginWindow, to use with scenario where the Mac is bound to a domain during DEP) Ex: "Developer ID Application: Munki (U8PN57A5N2)" S cert_cn Sign apps with a Developer ID Application certificated from keychain. Ex: "Developer ID Installer: Munki (U8PN57A5N2)" s cert_cn Sign distribution package with a Developer ID Installer certificate from keychain. c package Include a configuration package (NOT CURRENTLY IMPLEMENTED) It also offers you to enable Munki Bootstrap and other options as wel: This will create a Munki installer package that will use a postinstall script to load the Launchd items during the MDM setup process. To help you with that there’s a script in the Munki repo that you can use called “make_munki_mpkg_DEP.sh” you can find here: When DEP installs the munki package there can’t be a restart when you are in the MDM Enrollment / setup assistant windows for example. This package needs a restart to load the launchd items when installed. The standard Munki installer package you can download from the github repository isn’t usable for installation during DEP in the setup assistant. My aim for this blogpost is to explain how you can create the Munki installer so it can be used with Jamf School DEP workflow and how you can configure Jamf School to install Munki during MDM enrollment. So no need to explain how to setup DEP, Apple School Manager (ASM) and Jamf School with the Apple push certificates etc. There is already a lot of good documentation found on the internet and on the Macadmins Slack. These blogposts are written with Jamf School as the MDM vendor, but probably are useful if you use another vendor like Mosyle or SimpleMDM. As I work in higher education where 80% are (non-personal) lab iMacs bound to Active Directory and 20% (personal) 1:1 MacBooks, I need to perform extra steps to overcome the challenges getting it properly working for our whole fleet. I will be writing a series of blogposts on how to use Munki with Jamfschool using “Automated device enrollment” formerly known as DEP workflow.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |