Skip to main content

What is the best practice for app deployment? Is it using the “Mac Apps” menu and setting them to auto install instead of self service store, or deploying apps using Policies?

My best guess is to add app-specific scripts and settings, but is there anything else that gives benefits using policy instead of just making it mandatory in the other way?

Not really a best practices per-say. 
 

  1. Always use the JAMF app catalog or VPP if possible. Updates are handled automatically if set that way. 
     
  2. If the app isn’t available in the JAC or VPP, or requires a specialized configuration - then use a policy with a script to scrape the web for the package and install it… then configure it. 
     
  3. Sometimes you can use both methods mixed with a configuration profile to configure said apps. Really depends on how the app postures for configurations. 
     

All that to say this - if updates are a big deal for your org, then stick with number 1. If deployment options are important, then stick with number 2. 

This is entirely up to your business needs.

  • AppStore - I generally recommend to auto install AppStore Apps, as the delay with VPP processing once a user clicks install and how it behaves if a user clicks install a bunch of time is just bad optics.
  • Custom Apps, I use I use Jamfs app catalog when available. I install automatically anything we want to be persistent across all devices in scope, and self service everything else.

Pretty much the same here as mentioned above, except we don’t generally automate finding the installers due to possibly “supply chain” type attacks.  That phase has a human element in it to download the package file.  We name them generically and note the version so that we can just send the newest directly to the distribution point.

We’re trying to get out of the business of packaging.  Vendors should be using the industry standard method of supplying package files.

Terms & ConditionsCookie settingsAccessibility statement