Example Workflow & First Run Action

Ben Greiner -

Robot Cloud takes the modern approach to Mac management — one that is highly automated and repeatable. This "hands off" process can feel jarring to technology professionals accustomed to getting their "hands dirty" with manual tasks. Robot Cloud has been tested and proven on thousands of Mac installations over several years. The example workflow listed below is one you can get started with today. In addition — with proper planning and testing — you have the option to complete our First Run Forms to further customize your Robot Cloud experience.

 
 

Unbox & Enroll

It's Apple's goal for the customer (not IT) to experience the unboxing. We encourage IT to stop opening the shrink wrap and deliver new Macs directly to the customer. It's helpful to provide setup instructions on a notecard or a web page that can be viewed on an iPhone. The goal is to get the Mac enrolled into Robot Cloud to obtain access to company data, software and support. NOTE: Enrollment can occur automatically with the use of Apple's Device Enrollment Program (DEP). Contact us if you want to use DEP.

BASIC INSTRUCTIONS (see our Mac Setup web page):

  1. Deliver new Mac to the customer to enjoy the Apple Unboxing Experience.
  2. Instruct the customer to connect the Mac to the Internet.
  3. Ask them to enroll the Mac into Robot Cloud (Skip this step if handled by DEP):
    • Provide a short URL to download and install the Robot Cloud enrollment package.
    • Ask them to run the Set Location Action within Self Service (or run this for them).
 

During Enrollment

Here's what happens during enrollment:

  1. The initial Inventory Report is gathered and submitted to the JAMF Software Server (JSS). This information will display in Dashboard within one hour.
  2. SSH is enabled for remote login.
  3. Self Service is installed.
  4. CocoaDialog is installed to deliver notifications.
  5. The Notification Binary and Default Mailto Address is set.
  6. The Monitor Binary is installed to collect performance metrics.
  7. Remote Management is enabled for remote control via Apple Remote Desktop (ARD).
  8. Mac is checked for malware (and removed if found).
  9. Initial Notifications are sent (if any are found).
 

Set Location

Now that the Mac is enrolled we need to tell Robot Cloud where the Mac lives — what office, building, department, client or group does this Mac belong to? With advanced planning, Robot Cloud can identify a Mac by public IP and local Network Segment. However, it's best to confirm the location — especially if a customer enrolls a Mac from home, or any unknown network. DEP can help, but does require manual pre-configuration. To assist with this we have developed the Set Location Action. This Action is available in Self Service immediately after enrollment. Your IT team or the customer must run this Action to set the location and enable any custom Actions. In situations where Set Location cannot determine the location a ticket will be created and our team will work with you to manually set the location. Here is a video of the Robot Cloud Set Location Action.

 

First Run Action

Once Robot Cloud knows the location, what happens next depends on the state of the Mac (the OS and application versions) and what you've chosen to automate at each location. There are too many options available to discuss them all in a written document. We've created First Run Forms to collect information and get this process started for your locations.

Within the first hour of running Set Location the First Run Action will trigger. NOTE: If you can't wait up to one hour for the First Run Action to trigger, then as soon as Set Location is run, refresh Self Service and run the First Run Action. You may also trigger this action via the Command Line. Below is an example of what the First Run Action can trigger:

  1. Designated Local Admin Accounts are created.
  2. The Mac is bound to Active Directory (if applicable).
  3. Software auto-updates are disabled for Adobe, Apple and Microsoft.
  4. Designated Remote Control software is installed.
  5. Designated security standards are enforced (examples listed below):
    • FileVault encryption is activated and the key securely escrowed.
    • Admin Accounts are noted and notifications are sent on future changes.
    • Code vulnerabilities are checked and updated.
    • Alerts on failed SSH attempts are enabled.
  6. Anti-virus software (if subscribed) is installed.
  7. Designated Printers, Drivers and Presets are installed.
  8. Custom SupportMenu is installed.
  9. Maintenance tools are installed and enabled (examples include):
    • SMART status tools for drive health monitoring.
    • Disk Verification.
  10. Additional Actions are deployed (Applications, Profiles, etc). For example:
    • Install Adobe CC 2015.
    • Install Microsoft Office 2016 for Mac.
    • Update/patch third-party software (if installed).
    • Install CrashPlan for backup.
    • Remove/block BitTorrent.
 

Follow-up Items

Robot Cloud's custom automation can get a customer setup so they can start using their Mac. However, additional items may need to be completed manually. For example:

  • Update the Computer Name (keep Local Hostname unchanged if binding).
  • Setup email.
  • Setup Printers (if not automated or available in Self Service).
  • Setup File shares — any drives to auto-mount?
  • Setup VPN/Remote Access.
  • Delete the Temporary Account created during the unboxing.
  • Migrate an existing Mac account?
 
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk