Help

Keep Apple apps from installing automatically on enrollment

avargas
New Contributor II

Posted on ‎09-22-2023 10:57 AM

Hopefully, this is an easy one. I'd like to be able to keep the Apple apps from installing automatically on enrollment. I don't want to exclude them, I just want them available in Self Service. 

(I.e. Garage Band, Pages, Keynote, Numbers, iMovie)

 

Any ideas?

 

Thanks in advance

Labels:
0 Kudos
4 REPLIES 4

Tribruin
Valued Contributor II

Posted on ‎09-22-2023 11:10 AM

You choose your distribution method when you setup the VPP app in MacApps:

Tribruin_0-1695406216361.png

But, if the computer is brand new the iWorks apps are pre-installed from the factory. But, they do not when get re-installed after a wipe and restore. 

 

0 Kudos

avargas
New Contributor II
In response to Tribruin

Posted on ‎09-22-2023 11:15 AM

Thanks for your reply. I have the distribution method set as Make Available in Self Service, but when I wipe and restore, they still re-install automatically. 

0 Kudos

foobarfoo
Contributor
In response to avargas

Posted on ‎09-22-2023 11:09 PM

I'm guessing here, but I think you're experiencing something similar to us. First, the Apple apps (Garageband, Pages etc) come preinstalled on factory new devices. I'm not sure if they now persist after a wipe, but that could be the case. That's probably why they appear to be installed automatically.

In order to manage this situation, we make those apps available to all devices in Self Service, and tick the box to make those apps managed when possible. This converts the app to a managed app, and installs any update to it. This also covers the case when they're not preinstalled since they're available as usual in self service. It also covers the odd use case when a user logs in to the app store and installs it from there (for those that have the app store enabled).

One other possible solution we've considered is to scope the apps to a smart group that includes devices that were enrolled less than X days ago. After a few days have passed, they would thus no longer be a member of that group, and then the apps would uninstall. However, this would only be an appropriate approach if your org NEVER uses any of the iWork apps.

0 Kudos

cbrewer
Valued Contributor II

Posted on ‎09-24-2023 08:44 PM

Something I've done for a few years now is run a script on enrollment that checks the date of each app (pages, numbers, etc) and deletes the app if it's older than 7 days. I'm assuming that if the apps are older than 7 days then they're pre-installed. I remove them and then new managed versions will either be auto installed or they will be available in Self Service depending on the purpose of the computer.

Example script...

#!/bin/bash

# Delete GarageBand, iMovie, Keynote, Numbers and Pages if they were pre-installed on the machine (checking for directory modified time older than 7 days)

# GarageBand
if [[ -d /Applications/GarageBand.app ]]; then
  if [[ $(find /Applications/GarageBand.app -mtime +7 -type d -maxdepth 0) == "/Applications/GarageBand.app" ]]; then
    echo "GarageBand.app older than 7 days. Deleting app..."
    rm -R /Applications/GarageBand.app
  else
    echo "GarageBand.app less than 7 days old. Leaving in place."
  fi
else
  echo "GarageBand not installed"
fi

# iMovie
if [[ -d /Applications/iMovie.app ]]; then
  if [[ $(find /Applications/iMovie.app -mtime +7 -type d -maxdepth 0) == "/Applications/iMovie.app" ]]; then
    echo "iMovie.app older than 7 days. Deleting app..."
    rm -R /Applications/iMovie.app
  else
    echo "iMovie.app less than 7 days old. Leaving in place."
  fi
else
  echo "iMovie not installed"
fi

# Keynote
if [[ -d /Applications/Keynote.app ]]; then
  if [[ $(find /Applications/Keynote.app -mtime +7 -type d -maxdepth 0) == "/Applications/Keynote.app" ]]; then
    echo "Keynote.app older than 7 days. Deleting app..."
    rm -R /Applications/Keynote.app
  else
    echo "Keynote.app less than 7 days old. Leaving in place."
  fi
else
  echo "Keynote not installed"
fi

# Numbers
if [[ -d /Applications/Numbers.app ]]; then
  if [[ $(find /Applications/Numbers.app -mtime +7 -type d -maxdepth 0) == "/Applications/Numbers.app" ]]; then
    echo "Numbers.app older than 7 days. Deleting app..."
    rm -R /Applications/Numbers.app
  else
    echo "Numbers.app less than 7 days old. Leaving in place."
  fi
else
  echo "Numbers not installed"
fi

# Pages
if [[ -d /Applications/Pages.app ]]; then
  if [[ $(find /Applications/Pages.app -mtime +7 -type d -maxdepth 0) == "/Applications/Pages.app" ]]; then
    echo "Pages.app older than 7 days. Deleting app..."
    rm -R /Applications/Pages.app
  else
    echo "Pages.app less than 7 days old. Leaving in place."
  fi
else
  echo "Pages not installed"
fi

 

 

0 Kudos