We help top organizations stay competitive, by implementing the latest disruptive technologies.

Latest Posts

Remotely Enroll a macOS Device with LANDESK MDM

Remotely Enroll a macOS Device with LANDESK MDM

With the release of LANDESK Management Suite 2016.3, LANDESK can now manage a Mac using an MDM profile in addition to the traditional LANDESK agent.  One of the main benefits of enrolling with the Mac the MDM service, in addition to already having your regular agent installed, is that you’ll be able to push a VPP app to the Mac.

This blog will walk you through the process of creating a package to install the LANDESK MDM Enroller app on your Mac and then subsequently running a script to enroll the Mac with the MDM service.

Part 1 – Create a LANDESK MDM Enroller Bundle Package Folder

  1. Open the LANDESK Management Suite Console
  2. Navigate to the top menu bar, select Tools > Distribution > Distribution Packages
  3. In the lower left menu tree, highlight My Packages or Public Packages from within the Distribution Packages window
  4. Right click on the selected folder and click on New Package Bundle
  5. Provide your desired package bundle name, I used LANDESK MDM Packages

Part 2 – Create a LANDESK MDM Enroller Package

  1. Download the LANDESK MDM Enroller app from the Community page and copy it to your file share
  2. Right click on your package bundle, hover over New Macintosh Package and select Macintosh Agent
  3. Give the package a name
  4. Browse to the Enroller App file you previously saved and select it from within the Primary File window
  5. Provide a description and any metadata information if desired
  6. Save the package

Part 3 – Create the LANDESK Enrollment Script

The script is pretty basic, you just need to call the command line utility with a -u for username, -p for password and -m for the enrollment server.  The script has been built with variables, so just adjust the variables and you’ll be set.

  1. On a Mac device, save the Enroller script from GitHub as a .sh file or use the script pasted at the bottom of the blog
  2. Open the .sh file with your text editor and edit the variables for the username, password and enrollment server
  3. Save the file
  4. Set the execute permissions by running chmod +x /script/path/name.sh
  5. Compress the .sh file
  6. Copy the .sh file to your package share

Note: The script is calling the command line utility built inside of the LANDESK MDM Enroller application.  That means that in order for this script to properly execute, the LANDESK MDM Enroller must already be installed.  To ensure this takes place, we are bundling the packages together and will tell LANDESK which package to execute first.

Part 4 – Create the Enrollment Script Package

  1. Right click on your package bundle again, hover over New Macintosh Package and select Macintosh Agent
  2. Give the package a name
  3. Browse to the zipped script file you previously copied to your package share and select it from within the Primary File window
  4. Provide a description and any metadata information if desired
  5. Save the package

Part 5 – Deploy the Enrollment Package Bundle

  1. Right click on your package bundle and select Properties
  2. Select the Bundle Package Settings from the menu tree
  3. Use the Up / Down buttons to make sure your packages are listed in the appropriate order, with the MDM Enroller app being first and the script being second; clicking Save when you’re finished
  4. Right click on the bundle package one final time and select Create Scheduled Task(s)…
  5. Right click on the newly created Scheduled Task and click on the Properties option
  6. Add your desired targets
  7. Set your desired Task and Portal settings
  8. Schedule the task

[wpvideo D8ODthrX]


#  mdmAutomaticEnrollment.sh
#  Created by Bennett Norton on 11/1/16.
#  This script will enroll a LANDESK Management Suite managed macOS device with an additional MDM profile for support with features like VPP

# NOTE: This script assumes the Mac to be enrolled with an MDM profile is currently under management within LANDESK Management Suite, with a valid agent, and that the Mac has already installed the LANDESK MDM Enrollment Application found at https://community.landesk.com/docs/DOC-42347

#Script Variables
#change the variables to match with a valid LANDESK Management Suite user, corresponding password and enrollment server URL.  The server URL format should be the fully qualified name of the Cloud Service Appliance / LANDESK Server name.


#Enroll the managed Mac device with MDM

/Applications/LANDESK\ MDM\ Enroller.app/Contents/MacOS/ldmdmenroll -u "$landeskUserAccount" -p "$landeskPassword" -m "$enrollmentServerURL"

No Comments

Post A Comment