Tiny Deathstars of Foulness

I’ve written a number of articles on automating MDM enrollments using Apple Configurator in the past. In Apple Configurator 2, there are some new options that make the process much easier than it’s ever been in the past. To get started, let’s open Apple Configurator 2 and click on a Blueprint we’d like to apply to devices being prepared during a mass iPad or iPhone enrollment through Apple Configurator. Control-click on the Blueprint to set up for automated enrollment and click on the Prepare button.

Screen Shot 2015-11-03 at 11.18.02 PM

At the Organization screen, select the organization you’d like to enroll your device in and click on the Next button.

Screen Shot 2015-11-03 at 6.32.56 PM

At the Server screen, select to enroll in an MDM server.

Screen Shot 2015-11-03 at 6.33.00 PM

At the Define an MDM Server screen, type the name of a server and click Next.

Screen Shot 2015-11-03 at 11.17.22 PM

The server is then located and provided the Apple Configurator 2 system can communicate with the server, you’ll get a choice of the MDM service to enroll into. Select the certificate and click Next.

Screen Shot 2015-11-03 at 11.17.27 PM

At the Supervise Devices screen, select whether you’d like to supervise devices enrolled using Apple Configurator 2. Click Next.

Screen Shot 2015-11-03 at 11.17.32 PM

At the Configure iOS Setup Assistant screen, choose whether to skip some screens during the initial configuration of the device and click on Prepare.

Screen Shot 2015-11-03 at 11.17.38 PM

Now, during the preparation in Apple Configurator, you’ll be able to enroll iOS devices into Profile Manager (or another MDM) en masse.

Additionally, the traditional method of enrollment (Configurator 1) still works. Here, you’d download a trust profile, done using the name in the upper right corner of the Profile Manager interface and then choosing Download Trust Profile.

Screen Shot 2015-11-03 at 11.06.17 PM

You’ll also need the Enrollment Profile, accessed using the plus sign (+) in the lower left corner of the screen and choosing Enrollment Profile.

Screen Shot 2015-11-03 at 11.06.27 PM

The two are then added to the Profiles of a blueprint in Apple Configurator 2. You can also use the Settings for a device group to set placeholders for devices so they’re automatically assigned to a group during mass enrollments like this.

Screen Shot 2015-11-03 at 11.07.09 PM


Overall the options in Apple Configurator 2 with Profile Manager or another MDM are way easier to use than in previous versions. I think a lot of new administrators will be able to easily get used to this workflow. Enjoy!



November 4th, 2015

Posted In: Apple Configurator, iPhone, Mac OS X Server, Mass Deployment

Tags: , , , , , , , , , ,

The latest and greatest of the Enterprise Mac Admin’s Guide is now available for Pre-Order at This is an interesting update. If you happened to see the previous edition, I’d described more about Casper than most of the other third party products on the market.

Screen Shot 2015-10-22 at 11.06.21 AM

In this edition, there’s still an equal amount of information on Casper, but now there’s also more information on FileWave, and a whole chapter on the open source toolchain of products, including Munki and AutoPKG. The main reason I decided to update this title was actually the change from focusing on directory services (which still has plenty of page count) to focusing on profile management.

The most substantial update to the book was Bill Smith though. Bringing him in as a co-author provided a lot of new insight, new content, and a good bit of cleaned up text. He’s been great to work with!

This was a pretty big update, so hope you enjoy!



October 22nd, 2015

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , ,

We’d love your help to make the Casper Suite better! And we’re trying to be pretty organized about how we’re trying to get there (being organized and getting better are both ongoing efforts at most organizations) and letting our admins take a stab at helping us to prioritize various initiatives. One way we’re trying to make the product better is in UX. So if you have some time and want to help us organize the various tasks and workflows in Casper, please feel free to take this quick UX study at!

Screen Shot 2015-10-20 at 10.10.54 AM

Thanks for helping us make your life easier!

October 20th, 2015

Posted In: JAMF

Tags: , ,

JAMF Software has long had 0 day support for new Apple releases. The latest version of Bushel allows you to enroll El Capitan devices. Casper 9.8 also allows you to enroll devices. There are certainly going to be subsequent updates that allow us to do even more. This was a tricky one, as the jamf binary had to be moved and there were some new enrollment policies, to keep your Apple devices as secure as possible!

Bushel is SaaS, so it’s available today. Casper should be updated. You can access our installers using your My Assets page on JAMF Nation. Happy updating!


September 20th, 2015

Posted In: JAMF, Mac OS X, Mac Security, Mass Deployment

Tags: , , , , , , , ,

As we’ve grown, one of the most exciting things for the team has been to watch our customers use Bushel to help solve some of their workplace problems. A few have shared their stories with us, and we’re excited to highlight one here on our blog. If you’re inspired to share your own, we’d love to hear from you! Reach out anytime at

Read More About How The GRS Group Uses Bushel On The Bushel Blog

July 23rd, 2015

Posted In: Bushel, iPhone, JAMF

Tags: , , , , , , , ,

Mobile Device Management (MDM) is an additional layer of securing provided to a standard deployment of mobile devices. In the Apple management context, MDM provides our customers with a way to make sure that they can monitor devices, that devices fit within the boundaries of what our customers consider to be good security, making it easier to setup devices (by quickly providing WiFi information, helping to deploy apps, etc) and of course by getting a good inventory of the devices you have out there in the wild.

Read More About MDM, MAM, MEM, and EMM At

July 13th, 2015

Posted In: Bushel, iPhone, JAMF, Mac OS X

Tags: , , , , ,

Casper 9.62 is now out! And holy buckets, look at all the stuff that got fixed in this release:


PS – There’s also some api improvement goodness!

December 4th, 2014

Posted In: iPhone, Mac OS X, Mac OS X Server, Mac Security

Tags: , , , , ,

I was super-bummed that I missed the MacAdmins conference at Penn State University. But, all is not lost as MacAdmins will be held July 8-10 in 2015 at the Penn Stater Conference Center and I’ll be able to see all those awesome people there next year!

In the meantime, something fun and new is the 2014 MacAdmins Playlist to maybe get exposed to some new stuff:

As an aside, here’s a fun pic of @derflounder and I (and others) doing a round table from a few years ago on the Penn State site:

Screen Shot 2014-07-15 at 1.25.10 PM


July 15th, 2014

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, public speaking

Tags: , , , , , , , , ,

If you do deployments of Apple products, there are a few conferences to look at. Based on where you are and what industry you are in, some of these are better than others. But if you use the Casper Suite or are considering doing so, it would be really hard to beat JNUC, the JAMF Nation User Conference.


And yes, I’d of said all this and posted this even if I hadn’t of come to work here a week and a half ago! So come one, come all to Minneapolis. And if you’re really nice, we’ll hook you up with some good old fashioned Minnesota lutefisk!

June 11th, 2014

Posted In: iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment, Minneapolis

Tags: , , , , , , , , ,

DeviceScout is a tool that leverages JAMF’s Casper Suite to show administrators vital statistics and show alerts on client systems. These alerts display some of the critical aspects of systems, from encryption to disk capacity to backups, there are a number of pretty cool aspects of DeviceScout.

Screen Shot 2014-04-18 at 2.55.47 PM

Using the device view, you can view serial numbers, device types, check-in status, boot volumes, memory, etc. It’s a lot of insight into what you have on your systems. I’m a huge fan of such visibility. You will need to be running Casper to leverage DeviceScout, but it provides a very simple interface for management and even techs to see what’s going on in your enterprise in as quick a manner as possible. Inventory, security status, backup status and a support menu at your fingertips.

With very simple pricing, check out what they have to offer at

April 19th, 2014

Posted In: iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , ,

Next Page »