Posts

Windows device lifecycle. Hands-off reprovisioning with Workspace ONE.

-
Image
There are multiple options available for onboarding a Windows desktop into Workspace ONE UEM. Different options are available depending on if the device is a Greenfield device (brand new out-of-the-box device) or a Brownfield device (currently used device, possible under a legacy device management system). But what about device recycling? How do you enroll a device that has been returned to IT? Typically, this is a hands-on approach and will involve multiple steps that will look something like: Re-imaging the device, via USB or Windows Deployment Services (WDS). Logging in as the staging account. Downloading Intelligent Hub. Enrolling as the staging user. Logging out. Handing the device off to the final end user, or placing it back into stock. Workspace ONE Tunnel (or other pre-auth VPN) if the device is to be domain joined. If testing using a VM, ensure that the VM has been assigned a serial number What if there was a better way? What if you could deploy a new image to a device and ha...
Post a Comment
Read more

Adobe Acrobat Reader customizations for Windows

-
Image
Adobe Acrobat Reader is an essential tool when working with PDF documents but is not the easiest tool deploy to a fleet of Windows devices. Adobe has made available a customization wizard however that can be used to modify the package for easier deployment. Required items: Adobe Acrobat Reader MUI 64-bit Adobe Acrobat Customization Wizard 7-zip (or other zip archive utility) Note: The Customization Wizard only works in the multi-language, 64-bit version of Adobe Reader. Step 1: Download required software. Download both Adobe Reader and the Customization Wizard linked above. Step 2: Install the Customization wizard Step 3: Extract Acrobat Reader executable file into a folder Step 4: Launch the customization wizard and open AcroPro.msi Step 5: Modify the following items: Personalization options: Suppress display of End User License Agreement Installation Options: Make reader the default PDF viewer Run installation Silently (no interface) Suppress reboot Online services and features Disa...
Post a Comment
Read more

Deploying certificates to the Quest 2

-
Image
I spent some time working with the Workspace ONE XR Hub team (find out about HR Hub here ) and whilst it is very simple to install a certificate to a Quest enrolled in Workspace ONE, it's not that simple to install one on a non-enrolled device. Why would you want to install a certificate on an Oculus Quest you might ask? Well, I am a volunteer CS teacher for TEALS  and the school I was working with purchased some Quest 2 headsets for the students. Unfortunately, she was unable to connect them to the school network as the network was protected by securly an needed a certificate installed on the device before it was able to connect to the network. The schools IT team were unable to help and since I had experience with the Quest 2 while working with XR Hub team I was asked if I could help. The Quest 2 (like most VR/XR headsets) runs a version of Android AOSP  heavily customized by the OEM. If I could get to the underlying O/S, I would be ...
Post a Comment
Read more

Integrating and Configuring Workspace ONE UEM With Apple Business Manager (ABM/DEP) and Volume Purchase Program (VPP)

-
Image
Integration with Apple Business Manager / Apple School Manager is a key step when using Workspace ONE to manage Corporate owned Apple devices. This extra step allows you to ensure that your devices are enrolled, and remain to be enrolled, in Workspace ONE. It also simplifies the enrollment process in that the the device is automatically enrolled into Workspace ONE UEM as part of the device setup process. Part 1: Integrating UEM and DEP Requirements: Apple Business Manager (ABM) or Apple School Manager (ASM) tenant. In the Workspace ONE UEM console, go to Settings > All Settings > Device and Users > Apple > Device Enrollment Program Click Configure Download the public key In ABM, Click the Organization and then Preferences and the + to add an MDM Server Give the MDM Server a Name and Upload the public key downloaded from the UEM console Download the Token (sToken) Configure Default Device Assignment Upload the token into the UEM console Configure authentication settings for ...
Post a Comment
Read more