Hi there,
We have a Jamf-Pro on premise instance.
i’m looking how to install our EDR, packaged, during the enrollement step, using same process to install SelfService.
Is it possible to do this?
Thanks
Question
How to install pkg during enrollement
+2
+13You can set Enrollment complete as a trigger, which will install the packages straight after enrollment.
OR.
You can add the Packages to the Prestage setup and have them installed during prestage.
+26As
What I used to do was have a single enrollment policy that had a script payload that ran sudo Jamf policy -id to install all the security clients in the order I wanted rather then having a bunch of policies independently triggering at enrollment.
+13As
What I used to do was have a single enrollment policy that had a script payload that ran sudo Jamf policy -id to install all the security clients in the order I wanted rather then having a bunch of policies independently triggering at enrollment.
That is how my setup works. One script that launches at enrollment. It then calls by named trigger all of the policies, in the order I want, and once complete it then reboots the Mac.
+2You can set Enrollment complete as a trigger, which will install the packages straight after enrollment.
OR.
You can add the Packages to the Prestage setup and have them installed during prestage.
Thank you for your answer, i saw this option, but it tells me i don’t have a distribution point avalaible to do this, so i only be able to select NONE on distribution point option, i don’t know if ti has an issue?
I will look to your other option but i’m not sure to know how to do this, my job give me our Jamf Pro management because my colleague left, i have good knowledge about inventory and group management, i have to improve my skills
+2As
What I used to do was have a single enrollment policy that had a script payload that ran sudo Jamf policy -id to install all the security clients in the order I wanted rather then having a bunch of policies independently triggering at enrollment.
Could you show me how you set it up in jamf pro?
+26Which one?
- Making the policy trigger off enrollment is just a drop down on the general page.
- Making a script to trigger policies is just a simple string, and putting it on a policy set to trigger on enrollment.
Script example, but you can get a lot more complex and robust than this and include error handling.
#!/bin/bash
### Install tool 1 (whatever you want to call this)
echo "Install tool 1"
sudo Jamf policy -event {custom event name no curly brackets}
### Install tool 2 (whatever you want to call this)
echo "Install tool 2"
sudo Jamf policy -id {whatever the policy ID is which is found at the end of the URL for the policy without curly brackets}
### Install tool 3 (whatever you want to call this)
echo "Install tool 3"
sudo Jamf policy -id {ID and and event can be changed and exchanged to meet your needs)
### Keep adding extra policies to meet your needs, this does not get around scoping so if a policy is not scoped to a device this won't force it to trigger.
+26You can set Enrollment complete as a trigger, which will install the packages straight after enrollment.
OR.
You can add the Packages to the Prestage setup and have them installed during prestage.
Thank you for your answer, i saw this option, but it tells me i don’t have a distribution point avalaible to do this, so i only be able to select NONE on distribution point option, i don’t know if ti has an issue?
I will look to your other option but i’m not sure to know how to do this, my job give me our Jamf Pro management because my colleague left, i have good knowledge about inventory and group management, i have to improve my skills
To deploy packages during enrollment itself with the prestage the package needs to be signed and hosted on a cloud distribution point. You can still have policies trigger at enrollment, a bit later in the process then prestage, but still before the user can log in, usually.
+2You can set Enrollment complete as a trigger, which will install the packages straight after enrollment.
OR.
You can add the Packages to the Prestage setup and have them installed during prestage.
Thank you for your answer, i saw this option, but it tells me i don’t have a distribution point avalaible to do this, so i only be able to select NONE on distribution point option, i don’t know if ti has an issue?
I will look to your other option but i’m not sure to know how to do this, my job give me our Jamf Pro management because my colleague left, i have good knowledge about inventory and group management, i have to improve my skills
To deploy packages during enrollment itself with the prestage the package needs to be signed and hosted on a cloud distribution point. You can still have policies trigger at enrollment, a bit later in the process then prestage, but still before the user can log in, usually.
Ok thank you, i will try what you explain
+16I’d recommend you take a look at Jamf Setup Manager - https://github.com/jamf/Setup-Manager. I’d previously used a variety of policies triggered at enrollment and smart groups and a scripted flow similar to the above, but instead a few months back switched to JSM. It provides a much better on-boarding experience IMHO with GUI and progress bar flows. You can take any policy that you have and drop it into the JSM workflow.
+2I’d recommend you take a look at Jamf Setup Manager - https://github.com/jamf/Setup-Manager. I’d previously used a variety of policies triggered at enrollment and smart groups and a scripted flow similar to the above, but instead a few months back switched to JSM. It provides a much better on-boarding experience IMHO with GUI and progress bar flows. You can take any policy that you have and drop it into the JSM workflow.
Hi, OMG it looks great, i’m going to try this, its exactly what we need to keep the “wow effect”!
+2I’d recommend you take a look at Jamf Setup Manager - https://github.com/jamf/Setup-Manager. I’d previously used a variety of policies triggered at enrollment and smart groups and a scripted flow similar to the above, but instead a few months back switched to JSM. It provides a much better on-boarding experience IMHO with GUI and progress bar flows. You can take any policy that you have and drop it into the JSM workflow.
I’ve juste made a quick test but is it possible to install packages with JSM which are on local sharepoint?
+2I found a solution using policy trigger to launch local installations with scripted packages and package apps
+11For my on-prem Jamf environment, I do not try to install everything directly during Setup Assistant. Instead, I use a base first-run package scoped by PreStage smart groups that runs during enrollment complete.
That package includes some setup files and a postinstall script that prepares the Mac to continue setup after the user logs in using Dan Snelson’s Setup Your Mac workflow from a launch agent that starts the process. I have other smart groups to automatically install security, compliance, and other core tools that install automatically once the device is enrolled; however, they are not necessarily based on enrollment. So once the computer finishes enrollment and gets the pkg install, then the user completes the remaining setup after sign-in. It also gives the user a little time to get familiar with the computer instead of forcing every install during the initial Setup Assistant flow.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.