Hi folks, I’m back! The past two weeks our new born son claimed all my time and energy, so no way I could focus on any tech related matter 🙂
To get back into the blogging activity, let’s start with something easy, yet very handy for those who are regularly testing MDM deployments.
Automated MDM Enrolment and VMWare Fusion: configure a virtual machine to behave like one of your “DEP” devices. This is nothing new, but from time to time I talk to people who are not aware of the possibility, so let’s have a look at how to do this.
Note: Apple recently changed the name of what we all know as “DEP” to “automated MDM enrolment”, so let’s start to embrace this name change.
For this blog I’ll limit this tutorial to VMWare Fusion. The idea behind this workflow for Parallels Desktop is similar, but a bit different in view of how Parallels works. I’ll confirm my workflow with Parallels and add another post with the Parallels workflow later.
- Serial number of a device which is listed in your Apple School/Business Manager: e.g. C02N49ZVXXXX
- Model number of the device: e.g. MacBookAir6,1
- VM Ware Fusion installed on your Mac. (I’m currently using Fusion 11, but I’ve been using v10 with the same workflow before)
- App Store download of the macOS installer (Mojave OK)
- VMware Fusion: Download the trial here.
So, let’s go! First we’ll create our VM:
DO NOT hit “Finish” right now! Go via “Customise Settings” to avoid launching the VM immediately. We need to change some items in the .vmx file before the first boot of the VM. (Clicking “Finish” here would start the VM immediately, which we want to avoid).
Before starting the VM for the first time, we need to tweak the .vmx file of the virtual machine. Navigate to the location where you saved the VM and ctrl-click on the VMWare file. Choose “Show Package Contents”.
Locate the .vmx file and open it in your preferred text editor.
Add the following lines to the .vmx file. Change the serial number with the actual serial number of a physical device (test device listed in your Apple School/Business Manager), as well as the model number.
! Make sure not to make any typo's and don't leave any empty lines. (VMWare will change the order of the lines on next boot, hence empty lines will break the config file.) !
serialNumber.reflectHost = "FALSE"
serialNumber = "C02N49ZVXXXX"
hw.model.reflectHost = "FALSE"
hw.model = "MacBookAir6,1"
smbios.reflectHost = "FALSE"
Save the file and start your VM:
Next, install macOS as usual:
After installing macOS, when you are presented with the “Welcome” screen, you need to power off / shutdown the virtual machine. This is necessary to keep the serial number in the configuration.
After shutting down the VM, you can prepare your MDM to handle the “Automated MDM Enrolment”. For Jamf Pro: create a “prestage enrollment” and add the serial number to the scope.
Note: before starting your virtual machine again, create a snapshot! This will allow you to quickly, and efficiently, test your enrolment workflows over and over again, without re-installing macOS (or creating new VM's).
MDM (Jamf Pro Prestage), and snapshot ready? Launch your VM again!
Have fun testing your enrolment workflows, even when on the go, without the need of a physical test device! Deploy, test, restore, change!
That’s all folks! I’ll now test and confirm my Parallels Desktop workflow and share similar steps asap!