Comparing VPP to a public library |
Why I chose this:
VPP is a key component to any Apple-related mass rollout and management system. I am hoping to grab some tips and hints to help me handle our VPP better.
What I learned (These are loose notes and will be missing actual steps):
JSS Framework
Users, VPP Invitations VPP Assignments, VPP Content Deployment
Compared VPP to being at the public library - what do you want? Get a card. Check it out from the library. Take book home, etc.
VPP Service Token
Purchase content via VPP
SMTP integration active
Use the fields in the JSS with VPP accounts (which email address, etc)
Modify JSS User Accounts and Group Permissions
Users:
Users vs JSS User Accounts and Groups - reframe our thinking, different than users logging into jss.
Assigned to a device
User-Initiated Enrollment
Manual Creation (non-LDAP)
LDAP
Find the computer, Computer/User info, fill in LDAP info
Could use Devices and find user-initiated users
Manually create users (or for testing purposes)
Use LDAP if possible
Enroll with user-initiated enrollment if possible
Fill in various screens (send email to user).
Use Smart Group (Not associated and Not Sent)
Use email invitation
Do not block app store for mobile devices
VPP Assignment
What are you assigning? iOS Apps and/or Mac Apps
Who are you assigning these to?
Create a smart group (VPP invitation is associated - that is, user accepted token)
Select the EDU account
Select user group that have completed process
Limited group to actual staff group
App shows in purchase history
Same thing for Mac or iOS apps. Must be done for each app on each platform
Use a Smart User Group (IS associated)
Be modular and try not to bundle
Content appears in Users' Purchase History
VPP Content Deployment
Computer or mobile device?
Make it available in self-service
Limit to LDAP group who should get the app (Staff, etc)
Save config
Keep your network infrastructure in mind - use self service
Install automatically - conditions that MUST be met
Automatic Downloads - does not need to be enabled
Self service allows users to install the app(s) when THEY want/need them
Revoking apps:
iOS Apps/Mac Apps - yes
eBooks - cannot be revoked
How to revoke (choose one - do not use all of these, though circumstance governs):
Remove user from LDAP Group
Change scope
Change app selection
Delete VPP assignment
Revoke All
Review:
1. JSS Framework in place, configured, VPP token
2. Users
3. VPP Invitations
4. VPP Assignments
5. VPP Content Deployment
Q&A -
For free apps: Nice thing about VPP is updating apps with their apple id.
Other q&a ensued, but I was talking with a colleague about LDAP integration and true SSO for local domain, Google Apps, and JSS
No comments:
Post a Comment