Looking for best practices for Zero Touch Deployments
Posted on 03-10-2022 07:59 AM
Hi everyone,
We are moving towards the Zero Touch Deployment in our organisation. We're using Okta as IDP and would be using Jamf Connect as the authentication mechanism for enrolments and computer logins.
We currently have quite a number of steps that we have to do manually when setting up a new laptop, so first we'd like to automate those steps and then finally add Jamf Connect as the authentication method for Jamf computer binding.
We are looking for best case examples of other companies with similar setups (if possible) and how they've achieved zero touch deployment.
Cheers!

03-10-2022 09:17 AM - edited 03-10-2022 09:24 AM
Download DEPNotify - https://gitlab.com/Mactroll/DEPNotify#download - we have a script to use in conjunction with that here: https://github.com/Rocketman-Tech/Onboarding-With-DEPNotify.
Basic Workflow
- Create Zero Touch Category
- Create Smart Group for Zero Touch Computers / Testing & scope all policies to this group (I usually just set the criteria to an enrolled after date, this encapsulates ADE + Self Enroll, but using a smart group to scope adds flexibility on the fly)
Policy 1 - Triggered to run when enrolled
1. Script: Install Rosetta (Runs Before all other actions)
2. Package: Install DEPNotify
3. Package: Install Jamf Connect (When you're ready)
4. Script: run our Onboard script
Policy 2 - your choice, set trigger to recurring check-in, Custom Event Trigger, run once per computer & add custom event trigger to our onboarding script
Policy 3 - your choice, set trigger to recurring check-in, Custom Event Trigger, run once per computer & add custom event trigger to our onboarding script
Policy 4 - your choice, set trigger to recurring check-in, Custom Event Trigger, run once per computer & add custom event trigger to our onboarding script
etc. etc.
@JureJerebic Check out our video on How to Setup Zero Touch Provisioning Here: https://www.youtube.com/watch?v=AeCpwWKof8s
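An added example, not part of the post above and not Rocketman's Onboarding-With-DEPNotify script: one way the onboarding script from Policy 1 could call Policies 2, 3, 4 by custom event trigger while updating DEPNotify, checking that each policy actually left its expected file behind. The trigger names, status texts, artifact paths, the `JAMF_BIN`/`DEP_LOG` overrides and `FAILED_TRIGGERS` are assumptions; DEPNotify is assumed to be already running and reading `/var/tmp/depnotify.log`.

```shell
#!/bin/sh
# Added example: runs onboarding policies by custom event trigger.
# Assumed names: JAMF_BIN/DEP_LOG overrides, step format, FAILED_TRIGGERS.

JAMF_BIN="${JAMF_BIN:-/usr/local/bin/jamf}"
DEP_LOG="${DEP_LOG:-/var/tmp/depnotify.log}"  # control file DEPNotify reads
FAILED_TRIGGERS=""

# Append one command or status line for DEPNotify to display.
dep_notify() {
    printf '%s\n' "$1" >> "$DEP_LOG"
}

# run_onboarding "trigger|status text|path the policy should create" ...
# Runs the steps in order and returns the number of steps that failed.
run_onboarding() {
    ob_failed=0
    FAILED_TRIGGERS=""
    dep_notify "Command: MainTitle: Setting up your Mac"
    dep_notify "Command: Determinate: $#"
    for ob_step in "$@"; do
        ob_trigger=${ob_step%%|*}
        ob_rest=${ob_step#*|}
        ob_label=${ob_rest%%|*}
        ob_path=${ob_rest#*|}
        dep_notify "Status: $ob_label"
        # A step counts as done only if jamf exits 0 AND the expected
        # file or app bundle is present afterwards.
        if ! "$JAMF_BIN" policy -event "$ob_trigger" >/dev/null 2>&1 ||
           [ ! -e "$ob_path" ]; then
            ob_failed=$((ob_failed + 1))
            FAILED_TRIGGERS="${FAILED_TRIGGERS:+$FAILED_TRIGGERS }$ob_trigger"
        fi
    done
    dep_notify "Command: Quit"
    return "$ob_failed"
}

# Example call (constructed trigger names and paths):
# run_onboarding "install-vpn|Installing VPN|/Applications/VPN.app" \
#     "install-browser|Installing browser|/Applications/Browser.app"
```

A non-zero return, with the failed triggers listed in `FAILED_TRIGGERS`, lets the calling policy flag the device for follow-up instead of handing over a partly configured Mac.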
Posted on 03-11-2022 02:15 AM
Thanks. I notice that you don't set an admin account. Our users aren't admins, but we do need at least one admin account on the computer (with the secure token enabled). How would this work?
Posted on 03-18-2022 05:50 AM
@Hugonaut bump
