Kandji - Zero Touch Installation of the Desktop App
How to to silently deploy Banyan’s desktop app using Kandji
- Updated on Apr 19, 2023
Overview
Kandji is a mobile device manager (MDM) used to manage and secure Apple devices. In Banyan, it can be configured to package and distribute the desktop app to your device fleet using zero-touch installation. This completes a silent installation, which requires no interaction from your end users.
In this doc, we review the steps required to execute a zero-touch installation using Kandji.
Prerequisites
- Deployment Key: Obtained from the Command Center under Settings > App Deployment > Zero-Touch Deployment Using a Device Manager.
- Invite Code: Obtained from Command Center under Settings > App Deployment > Invite Code.
-
Ensure that you’re familiar with
mdm-config.jsonparameters to customize Banyan Desktop App functionality, paying particular attention to the following flags required to enable zero touch mode:mdm_start_at_boot- Recommended to set astrueto ensure the app starts consistentlymdm_hide_on_start- Recommended to set astrueto ensure the app doesn’t foreground every time the user logs in
Steps
There are two high-level steps required to silently deploy and install the Banyan desktop app then register devices with Banyan:
- Step 1. Prepare the Banyan Zero Touch Install script - Configure zero touch script with the appropriate deployment parameters for your organization.
- Step 2. Distribute the Zero Touch Install script to devices - Push down the configured script to your end users to register their devices with Banyan.
Step 1: Prepare the Banyan zero touch installation script for macOS
1.1 Download the script from the Banyan repo: Banyan App Installer.
1.2 Configure the script by entering the following values:
-
The
INVITE_CODEvalue: This value can be found in Banyan’s Cloud Command Center under Settings > Desktop & Mobile > App Deployment. -
The
DEPLOYMENT_KEYvalue: This value can also be found under Settings > App Deployment, under the sub-header Zero-Touch Deployment Using a Device Manager. Select the Copy icon to the right of the Deployment Key value, and enter the copied value into your script. -
The
APP_VERSIONvalue: You have the option of specifying an app version or leaving this value blank; if left blank, this field will auto-populate with the latest app version.
Step 2: Distribute a Configuration Profile with User info
Banyan’s bash script will leverage name and email when silently registering the Banyan app. This configuration profile will contain the users’ information on the device for the script to leverage.
2.1 Navigate to Library > Add New and click Custom Profile.
- Name: Zero Touch User Info
2.2 Configure the Assignment section with the appropriate Blueprint.
2.3 Attach the Global Variables profile
Download this file and upload it into the Zero Touch User Info profile to map all Global variables for a user within a device profile
2.4 Select Save to push the profile to selected devices
Step 3: Distribute the zero touch install script to macOS devices via Kandji
3.1 Navigate to your Kandji Library, and select Add New.
3.2 Under General, select the Custom Script template.
3.3 Under Custom Script, select Add & Configure.
3.4 In the configuration page of your custom script, enter a title.
3.5 Under Assignment, select a Blueprint.
3.6 Under Settings, set the Execution Frequency. Select the option to Run once per device.
3.7 Under Script Details, paste your configured script.
Can’t find what you’re looking for?
We’re happy to help. Contact our team.