For a while now, I’ve been meaning to post about how I’m bootstrapping our Macs using Workspace ONE UEM and several open source tools. This will be a multi-part series, and will culminate with a presentation at the University of Utah’s MacAdmins meeting for May 2021. I feel that it’d be best to start with some historical context and how bootstrapping has evolved since I joined the industry.

Years ago, at a prior job, I inherited an imaging setup that utilized Mike Bombich’s NetRestore application. At the time, Mike had retired NetRestore in favor of DeployStudio. Learning how to use DeployStudio (and InstaDMG!) was a challenge that eventually helped me change careers from an Apple-certified repair technician to a Mac systems administrator.

At Saint Joseph’s University, I eventually retired our DeployStudio server in favor of Imagr, and moved most of our imaging scripts to Munki to keep things lightweight. The code I’ve published for binding to Active Directory with Munki is a great example of that effort. In hindsight, this was an excellent decision that aided our move to Apple’s Device Enrollment Program (DEP).

When the time came to replace Imagr and move to DEP, one solution stood out above the rest: VMware’s Workspace ONE UEM, paired with Erik Gomez’s InstallApplications. Erik has done an incredible amount of work to bring bootstrapping to the era of DEP. He released InstallApplications, a “build your own bootstrap” tool that allows you to run your own scripts and install packages as part of the DEP setup process. Then, he partnered with VMware’s Workspace ONE team, making UEM the first MDM (Mobile Device Management) service to support custom bootstrapping. To get everyone started, he even published a fully working demo, showing what InstallApplications can do.

Since then, the MDM landscape has changed quite a bit. InstallApplications has changed considerably, too. This series and presentation will highlight how I’ve implemented this process at SJU. You can absolutely cherry-pick pieces of what I’m going to describe here if you’re using another MDM service, but my main goal will be delivering a detailed guide to replicate this in your own environment. Hopefully, there’s something for everyone!