Zero-touch (IT) deployment for 2022

Scott Adamson
Nov 30, 2021

After completing the JAMF 200 and 300 courses, I have been focusing on building a solution that allows a laptop to come out of a box and begin the enrollment process (if purchased through Apple and School Manager). This JAMF PreStage process has been in place for a long time and works well to bring the laptop quickly to a desktop, but it is missing some key components.
In recent months, I worked to integrate Google as the IdP to verify that the user is active in our system before going any further. Following the authentication, PreStage pushes key settings to the laptop to make it as easy as possible to get up and running.

As of late, there were some Enrollment policies that ran right away to install Google Chrome and Drive, Firefox, and Adobe Creative Cloud, but most did not display any feedback. Often IT would set the laptop up for the user and install the necessary items (or verify that they had been installed). This worked but was very time-consuming (depending on the number of devices deployed and the needs of the specific user).

Enter DEPNotify. I had been trying to get SplashBuddy to work (I made some progress but could not get it to run reliably) and finally scrapped that and moved to DEPNotify. Like many products of this kind, it is largely open source and on GitHub for review, taking, and modification. After watching a few YouTube videos (another from 2018), reading a couple of documents, and a lot of trial and error, I was able to get a fresh machine to boot, ask for a login, verify location and date and time, and then, upon landing on the desktop, kick off DEPNotify.
DEPNotify would then display (fullscreen) a welcome page and begin the process of installing the necessary resources.

I start with Rosetta 2 (DEPNotify just calls other policies via an easy-to-tweak script in JAMF, so point it to existing policies and the process begins). As each one installs, the text updates and the progress bar advances. The final policy names the computer using a standard format and logic and saves the updated information to JAMF. At completion, the user is dropped to their desktop with the necessary applications installed and in place.
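The flow described above, a script that calls existing Jamf policies while DEPNotify shows status text and advances its progress bar, as an added example that is not the code from the author's repository. The policy trigger names and on-screen text are placeholders, and it defaults to a dry run that writes the DEPNotify control file without calling the jamf binary.

```shell
#!/bin/sh
# Added example: status lines for DEPNotify plus one Jamf policy call per step.
# Constructed values: every trigger name and on-screen label below is a placeholder.
DN_LOG="${DN_LOG:-/var/tmp/depnotify.log}"   # control file DEPNotify watches by default
JAMF_BIN="${JAMF_BIN:-/usr/local/bin/jamf}"
DRY_RUN="${DRY_RUN:-1}"                      # 1 = write the log only, never call jamf

# One "custom-trigger|text shown to the user" pair per line, in install order.
POLICIES='install-rosetta|Installing Rosetta 2
install-chrome|Installing Google Chrome
name-computer|Naming this computer'

dn() { printf '%s\n' "$1" >> "$DN_LOG"; }

run_enrollment() {
  failed=0
  steps=$(printf '%s\n' "$POLICIES" | grep -c .)
  : > "$DN_LOG"
  dn "Command: MainTitle: Welcome"
  dn "Command: MainText: Your laptop is being set up."
  # Each later "Status:" line advances the bar one stage (policies + final step).
  dn "Command: Determinate: $((steps + 1))"
  while IFS='|' read -r trigger label; do
    [ -n "$trigger" ] || continue
    # Refuse anything that is not a plain trigger name before it reaches jamf.
    case "$trigger" in
      *[!A-Za-z0-9_-]*)
        dn "Status: Skipped an invalid policy entry"
        failed=$((failed + 1)); continue ;;
    esac
    dn "Status: $label"
    if [ "$DRY_RUN" != "1" ]; then
      # </dev/null keeps jamf from consuming the rest of the policy list.
      "$JAMF_BIN" policy -event "$trigger" </dev/null || failed=$((failed + 1))
    fi
  done <<EOF
$POLICIES
EOF
  dn "Status: Setup complete"
  dn "Command: Quit"
  return "$failed"   # number of skipped or failed policies
}

# Run only when asked, e.g. `sh enroll.sh run` (DRY_RUN=0 for a real run).
if [ "${1:-}" = "run" ]; then run_enrollment; fi
```

The return value counts skipped or failed policies, so a wrapper can record an incomplete enrollment instead of dropping the user to the desktop silently.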

For the deployment of 1000+ machines, I would like to refine the following:
- Customize the apps to the user (faculty, staff, or student)
- Provide additional information and feedback to the user
- Gather some basic information from the user (asset tag?)
- Capture the MAC to (possibly) feed (directly) into RADIUS
- Better leverage Self Service to support app deployment/troubleshooting

I have posted the code I have been using to build DEPNotify, including some of the logic I spoke about in the list of things to do above…

Check out my first public post to GitHub (https://github.com/sadamsonmka/DEPNotify-PUB)

As I progress through the testing process, I’ll be sure to post updates on what has been working and what has been a challenge. Any feedback or thoughts would be appreciated.
