Baseline is a custom onboarding app made to be an MDM agnostic zero touch or light touch solution for macOS. It combines a few widely used open-source macOS utilities to provide a simple and flexible setup that can be done with the .pkg installer and a custom MDM Profile.
Quick software deployments and end-user experiences are equally important workflows for device onboarding that can decrease the time between first touch and production usability of a new user and device. As well as, confirming value and presenting the deployments to the end user as their devices are being set up.
A huge Addigy thanks to the folks at Second Son Consulting, Inc. for putting together and documenting a valuable piece of software for the MacAdmins community. You can find them, and a community of users, in the #baseline channel in the MacAdmins Slack community.
Note: The team that develops Baseline is constantly adding new utilities and features to the software. You can follow along on their releases page.
If you encounter any issues with deploying Baseline to your devices, please reach out to the folks of the #baseline Slack channel in the MacAdmins community.
Baseline Resources:
Deploying Baseline
Deploying Baseline with Addigy is simple using a Custom MDM Profile and Smart Software.
Requirements:
- macOS 12+
- iMazing Profile Editor
- Baseline pkg
Manual Enrollment Workflow:
Create your Smart Software that installs Baseline on your device.
- Recommended: Set the install priority to 1.91 to ensure it pushes before the rest of the policy items
- Get and upload the Baseline PKG from their releases page. (Make sure it's not the NoDaemon version)
- This includes any other PKGs or files that you wish to install as part of the onboarding experience
Create and Upload your Baseline mobileconfig file using iMazing Profile Editor
- Payload name: Baseline by Second Son Consulting
- Recommended: Set the install priority to 1.9 to ensure it pushes before the rest of the policy items and the Baseline pkg.
- Apply both to the policy and manually enroll a new device.
Pre-stage Enrollment Workflow:
Create your Smart Software that installs Baseline on your device.
- Recommended: Set the install priority to 0.2 to ensure it pushes during Automated Device Enrollment
- Get and upload the Baseline PKG from their releases page. (Make sure it's not the NoDaemon version)
- This includes any other PKGs or files that you wish to install as part of the onboarding experience
Create and Upload your Baseline mobileconfig file using iMazing Profile Editor
- Payload name: Baseline by Second Son Consulting
- Recommended: Set the install priority to 0.1 to ensure it pushes during Automated Device Enrollment and before the Baseline pkg
- Apply both to the policy and enroll a new device via Automated Device Enrollment
For more workflow scenarios, you can visit the Addigy Baseline wiki page. Huge thanks to Chris Bobbit for writing up the Baseline Addigy Wiki page!
Example Manual Deployment
For this example, we will be creating a Deployment and Install of Baseline that will:
-
Set all the custom Icons to reference an image from a URL
-
Grab the most recent Baseline PKG Install from their releases page automatically (no need to upload your own)
-
Install Google Chrome using the built-in Installomator function in Baseline
-
Install Zoom from a pkg file that we upload to the Smart Software
-
And execute a script that waits for the Addigy Policy to complete its deployment before exiting Baseline
Note: The files needed to follow along with this example will be provided as an attachment at the bottom of this article. To get the Zoom installer please visit Zoom’s download center.
Step 1 - Smart Software Creation
-
Create a Smart Software in Addigy and add the Install and Condition script templates from the attached files to the respective fields in the Smart Software.
-
Add the ‘Download folder’ path to the variables on line 4.
-
Upload the Zoom installer and Wait for Addigy Policy.sh file to the file upload section.
-
Set the Priority Order to 1.91. For more information on priority deployments, please reference this article.
-
Note: In the attached Installation Script, we are automatically collecting the most recent Baseline PKG from their releases page so there is no need to upload it into the Smart Software.
Step 2 - Baseline MDM Configuration Creation
-
Create a new configuration in iMazing Profile Editor and add the Baseline by Second Son Consulting payload.
-
Add the Google Chrome Installomator Label info
-
Display Name: Google Chrome
-
Label: googlechrome
-
-
Add the Zoom Package info
-
Display name: Zoom
-
Package Path: zoomusInstallerFull.pkg
-
-
Add the Script info
-
Display Name: Addigy Policy
-
Script Path: Wait for Addigy Policy.sh
-
-
Add these command strings to all three Dialog options
-
--title "New Device Onboarding" --icon "https://addigy.com/wp-content/uploads/2022/12/addigy-logomark-teal.svg"
-
-
Save the file to your device
Step 3 - Upload the Custom MDM Profile
-
Navigate to Catalog > MDM Profiles > New > Custom Profile to create and upload a Custom MDM profile. Additional steps on creating and uploading a custom MDM Profile can be found here.
-
Upload the Baseline Configuration that was just created
-
Set the Installation Priority to 1.9
-
Confirm the Profile creation
Step 4 - Add to Policy and Enroll a device
-
Add the Profile and the Smart Software to your selected policy of enrollment
-
Enroll a device
-
Enjoy your onboarding experience :)
Additional Notes
-
The install script provided will do the following:
-
Make a fresh Baseline configuration directory
-
Move all recognized file types into their respective spot in the Baseline configuration directory
-
Download and install the latest version of the Baseline pkg from the Baseline releases page
-
The downloadFolder variable on line 4 must be edited to reference your specific Smart Software folder
-
-
The condition script provided will do the following:
-
Check if the onboarding workflow has already run on the device
-
Check if the Addigy enrollment is younger than cutOffTime (preset value is 168 hours or 1 week)
-
-
A script that prints the logs from the Baseline log files
-
A script, "Wait for Addigy Policy.sh", was made to be used as a deployed script during Baseline workflow.