Introduction
Firstly, apologies. I didn't manage to get this post out on Thursday as I had planned. A few things got in the way. I began writing, but didn't finish.
Well, I can't believe we've finally come to the end of this post series. This is the first time I've truly tried to give something back to the MacAdmins and Jamf community that has helped me so much over the years. Without which, most of what I've done would not have been possible.
Adjusting to this role has been challenging. I have never been a true fan of Apple, or their products. I'm still not entirely convinced they have a perfect role within an enterprise style environment, either. However, the ease and speed at which I can deploy iPhones and iPads, and have them under a decent level of management, has been spectacular. And, with Apple heading down this route for macOS devices, there may be a future in it. Especially with declarative management. This post series was a gentle nod to the fact that it seems to be getting closer.
Adjusting to writing these posts has also been challenging, but a great learning opportunity. By the fourth part, I felt I had settled in to the writing a little better. The first three felt, somewhat, rushed in comparison. I've still got a lot that I can improve upon, but that's what it's all about, after all.
Series Summary
If you haven't followed the posts each week, I don't blame you. This will be a great chance to figure out what's been going on, and what was achieved across all of them. I'll provide a link to each post with a short summary.
Part One - Prerequisites and PreStage
The first post was a boring, but somewhat important part in this series. In it, we lay the groundwork and cover the prerequisites required to make this all work.
The three main components are:
- Apple School Manager
- Jamf Pro
- macOS Big Sur or later
In it, we prepare the workflow to take the device from ordering, to PreStage via Automated Device Enrolment (DEP).
Part Two - From PreStage to Auto Logon
This is quite a big part of the project. We cover the creation of Smart Groups, Scripts, Extension Attributes, and Policies.
Using these building blocks, we are able to take a device from the default log on screen of PreStage, and automatically log it in with our newly created account.
Part Three - Preparing for Deployment
This one lays the groundwork for part four. Here, we make use of further Smart Groups, Scripts, Policies, Extension Attributes, and DEPNotify.
Part Four - Deploying Applications
In part four, this is where we really start to bring the whole thing to life, and see the results of all the hard work that was done in the last three parts, making this whole thing possible.
Yet again, more Smart Groups, Scripts, Policies, and one of my favourite features, Inventory Preload.
Part Five - Getting it User Ready
And finally, part five. This was it. The culmination of months of planning, testing, stress, confusion, and severe hair loss.
We create the final few Smart Groups, Policies, Scripts, and make use of NoMAD, and NoMAD Login to make our device truly user ready.
With all this in place, we can do a full zero touch setup on our brand-new iMac.
- Assign it to our MDM server in Apple School Manager
- Use Inventory Preload to provide Jamf some information
- Plug it in
Once it's plugged in, it will automate its entire setup process, installing all our applications inside 2 hours. Completely ready for use.
As you can see, our ** Lab - Zero Touch - Onboarding - DEPNotify ** ran for 1 hour, 33 minutes, 12 seconds. Sixty-nine minutes of that was Adobe.
Without it, you're looking at a fully managed and useable device within 15-20 minutes. Start to finish.
If you've read this part, you may notice that Office 365 is missing. This was down to a typo in the script of the trigger name. It takes about 5.5 to 8 minutes.
Overview Graphic
Below is an incredibly rough workflow overview graphic attempting to show this whole process. I won't lie, I'm not overly happy with it, but I think it serves its purpose well enough.
A Video Summary
OK, that's enough waffle. What does this actually look like when it happens? Well, here's a video showing the process.
I have trimmed out parts of the video to make it shorter (who wants to watch almost 2 hours of this?). But the whole process is there. This was not a professional trim job!
Thanks & Contacts
As I mentioned at the start. None of this would have been possible without the incredible communities that I'm a member of. First and foremost, to MacAdmins.org. Their Slack channels provide access to some incredibly talented people who are always friendly and willing to help. There is an absolute treasure trove of information in there if you search for it.
Next, the Jamf Community. If you have a question about something Jamf, it's probably already been answered here in some way.
And also a big thank you to Scripting OSX for the post mentions in the weekly round-up. Seeing that made my day, thank you!
If you want to get in touch with me, you can find me in various places. The MacAdmins Slack for one (#uk)! However, the quickest and easiest place is over on the Fosstodon.org Mastodon instance, or Matrix: @grayw:opensuse.org
The post Photo for this post series was by Quaritsch Photography on Unsplash