Help

User initiated Enrollment

Sobchak
Contributor

Posted on ‎05-01-2015 07:59 AM

I am trying to get self-enrollment working for Mac computers, but when a user tries to do this they get "quickadd.pkg" can't be opened because it is from an unidentified developer.

I assume I need to go to Options, Global Management, User-initiated Enrollment. Then check the "Sign QuickAdd Package" box and upload a certificate. This is where I am a little confused. How do I get the certificate?

0 Kudos
Reply
2 REPLIES 2

mm2270
Legendary Contributor III

Posted on ‎05-01-2015 08:45 AM

Its trivial to bypass the Gatekeeper restrictions manually. The user can either just right/control click on the package in their Downloads folder, or wherever it landed, and choose "Open" and Installer.app will open it and let them run it.
Second way is, after they get this error, go into System Preferences > Security & Privacy (assuming its not grayed out for them) and at the bottom of the General tab it will show the package Gatekeeper just blocked with an Open button next to it they can click.

As for the developer certificate, you need to sign up as a developer with Apple I believe to get a valid dev ID to use. As far as actually creating the certificate, I can't help there as I haven't done it, but I'm sure you can locate that with some Googling. I would just instruct users to use one of the methods above to run the installer until you get the certificate part taken care of.

0 Kudos
Reply

bpavlov
Honored Contributor

Posted on ‎05-01-2015 08:56 AM

Just going to leave a few links here that I think will help you:

https://derflounder.wordpress.com/2012/08/13/creating-apple-developer-id-signed-casper-quickadd-inst...

https://jamfnation.jamfsoftware.com/article.html?id=301

https://jamfnation.jamfsoftware.com/article.html?id=294

https://jamfnation.jamfsoftware.com/viewProductFile.html?id=135&fid=459

https://developer.apple.com/library/mac/documentation/IDEs/Conceptual/AppDistributionGuide/Maintaini...

https://developer.apple.com/library/ios/documentation/IDEs/Conceptual/AppDistributionGuide/Troublesh...

The only other piece of advice I can give you is to do this while in a VM and take a snapshot each and every step you can because if you screw up, you definitely don't want to lose any certificates you generated as I imagine the process to request new ones will be a little convoluted. Can't just use Xcode to generate new ones.

Also I could be mistaken but I believe the certificate you will need will probably be the Developer ID Installer certificate. Needless to say you will need an Apple Dev Mac account: https://developer.apple.com/programs/mac/

0 Kudos
Reply