krypted.com

Tiny Deathstars of Foulness

In order to use the Apple Volume Purchase Program, you will need an MDM solution (Profile Manager, Casper, MobileIron, Meraki, FileWave, etc). Also, token options were traditionally for one to one (1:1) environments until iOS 9, which marked a change where you can now leverage per-device licensing. This removes the requirement that you need an Apple ID running on each device that you choose to install apps on. Suddenly, VPP is for multi-tenant environments. You can also use codes and options for iOS 7 and up as well as OS X 10.9 and up, but those will use Apple IDs. Also, if you install your vpptoken on OS X Server and you’re running that same vpptoken elsewhere, OS X Server will take all of the codes that have been issued for itself (feature or bug, you decide).

But this article isn’t about the fine print details of the new VPP. Instead, this article is about making Profile Manager work with your new VPP token. Before you get started, know that when you install your vpptoken, if it’s in use by another MDM, Profile Manager will unlicensed all apps with your other MDM. To get started, log into your VPP account. Once logged in, click on your account email address and then select Account Summary.

vpp1

Then, click on the Download Token link and your token will be downloaded to your ~/Downloads (or wherever you download stuff).

vpp2

Once you have your token, open the Server app and click on the Profile Manager service.

ProfileManager

Click on the checkbox for Distribute apps and books from the Volume Purchase Program.

VPP

At the VPP Managed Distribution screen, drag the .vpptoken file downloaded earlier into the screen.

token

Click Continue. The VPP code email address will appear in the screen. Click Done.

Back at the profile manager screen, you should then see that the checkbox is filled and you can now setup Profile Manager.

The rest of the configuration of Profile Manager is covered in a previous article.

Note: The account used to configure the VPP information is not tracked in any serveradmin settings.

September 27th, 2015

Posted In: Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , , , ,

JAMF Nation User Conference

As the largest Apple IT gathering in the world rapidly approaches, we want to give you an early glimpse into the great presentations at the JAMF Nation User Conference (JNUC).

We are excited to announce that we’ve added the first ten JNUC sessions to our site. With sessions for education and commercial organizations, you’re sure to find presentations to meet your needs. Highlights include best practices for preparing Macs for online testing, ways to bring Apple’s Volume Purchase Program (VPP) and Device Enrollment Program (DEP) to life in your environment, and methods for mitigating and addressing Mac security threats.

Haven’t registered yet? There’s still time, but hurry. We’re nearing our capacity. 

Secure your spot and start making your travel plansand accommodations before it’s too late. We hope you can make it!

RSVP Today

August 26th, 2015

Posted In: Mac OS X

Tags: , , , , , , ,

Starting today, Bushel can be used to deploy Volume Purchase Program (VPP) apps to Apple devices running iOS 9 or OS X 10.11 El Capitan without the need for an Apple ID. That’s right, no Apple ID required!

Read More About VPP App Distribution Without Apple IDs on the Bushel Blog

August 13th, 2015

Posted In: Bushel, iPhone, JAMF

Tags: , , , , ,

Can I push out Apps without VPP? Yes. You can push free apps to iOS devices without a VPP account. Paid apps of any kind will need a VPP account, as will free apps on Macs.

To Find Out The Answers To Other Common Questions About Apple’s Volume Purchase Program (VPP) and Bushel, Check Out The Bushel Blog Here

May 19th, 2015

Posted In: Bushel

Tags: , , , , , ,

Apple’s Volume Purchase Program allows you to export a VPP token and then import that token into a server to create a connection between an MDM solution (e.g. Bushel, Apple’s Profile Manager, Casper, etc) and apps you purchase through the VPP portal. But what’s in a token? The VPP token is a base64 encoded file. You can cat the file and it will show you a bunch of garbly-gook (technical term):

base64 --decode /Users/charlesedge/Desktop/kryptedcom.vpptoken

But there’s more to it than all that. We can run the base64 command to see:

base64 --decode /Users/charlesedge/Desktop/kryptedcom.vpptoken

In some cases, this file can display improperly, if it fails use the following command:

echo `cat /Users/charlesedge/Desktop/kryptedcom.vpptoken` | base64 --decode

The contents of the file are then displayed, as follows:

{"token”:”AbCDe1f2gh3DImSB1DhbLTWviabcgz3y7wkDLbnVA2AIrj9gc1h11vViMDJ11qoF6Jhqzncw5hW3cV8z1/Yk7A==","expDate":"2015-07-03T08:30:47-0700","orgName”:”Krypted.com"}

This is a comma separated set of keys, including token, expedite and orgName. Do not edit any of this or you may spontaneously combust. The token establishes the trust but the expiration date will show you when a vpptoken expires and will need to be renewed by. The orgName is what you entered in the VPP portal when you setup the account and is also escaped and then used as the file name. These two pieces of data can help you if you have a bunch of vpptokens that you need to keep track of.

May 19th, 2015

Posted In: iPhone

Tags: , , , , , , ,

Apple’s Configurator app for the Mac streamlines many setup and management tasks for iOS deployments. Although it lacks some of the core capabilities that a Mobile Device Management solution like Bushel can provide, there are some unique aspects of this deployment tool.

For More On Moving VPP Apps from Configurator to Bushel

April 8th, 2015

Posted In: Bushel

Tags: , , , , ,

Apple began rolling out new features with the new Volume Purchasing Program (VPP) program last year. There are lots of good things to know, here. First, the old way should still work. You’re not loosing the stuff you already invested in such as Configurator with those codes you might have used last year with supervision. However, you will need an MDM solution (Profile Manager, Casper, Absolute, FileWave, etc) to use the new tools. Also, the new token options are for one to one (1:1) environments. This isn’t for multi-tenant environments. You can only use these codes and options for iOS 7 and OS X 10.9 and 10.10. Also, if you install your vpptoken on Yosemite Server and you’re running that same vpptoken elsewhere, Yosemite Server will take all of the codes that have been issued for itself (feature or bug, you decide).

But this article isn’t about the fine print details of the new VPP. Instead, this article is about making Profile Manager work with your new VPP token. Before you get started, know that when you install your vpptoken, if it’s in use by another MDM, Profile Manager will unlicensed all apps with your other MDM. To get started, log into your VPP account. Once logged in, click on your account email address and then select Account Summary.

vpp1

Then, click on the Download Token link and your token will be downloaded to your ~/Downloads (or wherever you download stuff).

vpp2

Once you have your token, open the Server app and click on the Profile Manager service.

vpp3

Click on the checkbox for Distribute apps and books from the Volume Purchase Program.

vpp4

At the VPP Managed Distribution screen, drag the .vpptoken file downloaded earlier into the screen.

Click Continue. The VPP code email address will appear in the screen. Click Done.

vpp5

Back at the profile manager screen, you should then see that the checkbox is filled and you can now setup Profile Manager.

vpp6

The rest of the configuration of Profile Manager is covered in a previous article.

Note: The account used to configure the VPP information is not tracked in any serveradmin settings.

October 17th, 2014

Posted In: iPhone, Mac OS X, Mac OS X Server, Mac Security, Mass Deployment

Tags: , , , , , , , , , , , ,

Let’s talk about enrolling devices. Bushel has a few ways for you to enroll your devices to be managed. One way is to use Apple’s Device Enrollment Program. DEP has come out of necessity to make devices easier to deploy to the end user. When you use DEP with Bushel, your user’s will turn their computer on for the first time, connect to Wi-Fi during set up, and when the initial set up is done, the device will prompt the user to accept the Bushel management profile. All they need to do is click accept, and there you go! The device is enrolled in Bushel. For more information on DEP, visit Apple Device Enrollment Program

Learn How To Add Devices To Your Bushel Here…

August 10th, 2014

Posted In: Bushel

Tags: , , ,

Apple began rolling out new features with the new Volume Purchasing Program (VPP) program this week. There are lots of good things to know, here. First, the old way should still work. You’re not loosing the stuff you already invested in such as Configurator with those codes you might have used last year with supervision. However, you will need an MDM solution (Profile Manager, Casper, Absolute, FileWave, etc) to use the new tools. Also, the new token options are for one to one (1:1) environments. This isn’t for multi-tenant environments. You can only use these codes and options for iOS 7 and OS X 10.9 and above.

But this article isn’t about the fine print details of the new VPP. Instead, this article is about making Profile Manager work with your new VPP token. To get started, log into your VPP account. Once logged in, click on your account email address and then select Account Summary.

Screen Shot 2013-11-05 at 3.26.00 PM

Then, click on the Download Token link and your token will be downloaded to your ~/Downloads (or wherever you download stuff).

Screen Shot 2013-11-05 at 3.18.22 PM

Once you have your token, open the Server app and click on the Profile Manager service.

Screen Shot 2013-11-05 at 3.14.35 PMClick on the checkbox for Distribute apps and books from the Volume Purchase Program.

Screen Shot 2013-11-05 at 3.14.43 PMAt the VPP Managed Distribution screen, drag the .vpptoken file downloaded earlier into the screen.

Screen Shot 2013-11-05 at 3.15.02 PMClick Continue. The VPP code email address will appear in the screen. Click Done.

Screen Shot 2013-11-05 at 3.15.08 PMBack at the profile manager screen, you should then see that the checkbox is filled and you can now setup Profile Manager.

Screen Shot 2013-11-05 at 3.15.14 PMThe rest of the configuration of Profile Manager is covered in the article I did earlier on Profile Manager 3.

Note: The account used to configure the VPP information is not tracked in any serveradmin settings.

November 7th, 2013

Posted In: iPhone, Mac OS X Server

Tags: , , , , , , , , ,

Some iOS and/or OS X deployments require us to create a boatload of Apple IDs. This could be to redeem VPP codes, to do iOS backups, to configure Messages, now giving the ability for OS X Server users to password reset for themselves, etc. I have sat and manually created Apple IDs for a number of clients. I’ve created dozens at a single sitting and there are some serious annoyances and challenges with doing so manually. For example, you’re gonna’ fat finger something. If you type 10 things in for 50 accounts then it’s hard to imagine you’re not gonna’ mess something up in one of those 500 fields. It’s also time consuming and well, just annoying.
AppIcon

Then, along came a script. That script allowed us to create loads of IDs on the fly. Now, we have a very nice GUI tool called the Apple ID Automation Builder that can be used to batch create a number of Apple IDs on the fly. Brought to us by Greg Moore and hosted by enterpriseios.com, this is one of those rare finds that is a serious time saver and very valuable when you need it in your bat belt. Great little tool, well worth the money and I look forward to providing Greg with plenty of accolades should we ever meet!

May 12th, 2013

Posted In: iPhone, Mac OS X, Mac OS X Server

Tags: , , , , , , , ,

Next Page »