So this week I have been playing with AirWatch (AKA WorkSpace One) and the latest version. I have been slowly working on fully automated MacOS build and I came across a bit of a snag with deploying some of the application or rather to my surprise, AirWatch could do apps that are not in the App Store.
One main application I have always had issues with is Adobe and getting this to package nicely has always been a pain down for various reasons. I did try and see if this would work with AirWatch natively and well it doesn’t but thankfully digging into some of their code it appears at the time of writing this they are using a Munki backend of which I am quite familiar with. In essence, it’s like SCCM for Windows.
The first point I need to make is I am offering this advice assuming you are correctly licensed for Creative Cloud and you take the relevant steps to ensure it only goes to the intended users despite them needing a registered email to activate the software.
If you want to learn more about AirWatch I am going to be doing a series of posts to complment this one or head over here for more information
TLDR:- Basically you need to create a managed package as the self-service isn’t signed and Apple Gatekeeper blocks this (a few hours wasted here). This then also caused the install to fail in a managed package but you also need to make this a managed install for it to work. Hopefully I can do a video guide soon
TLDR2:- I want to keep working on this and see if I can just get the Creative Cloud App so it reduces the install size
One of the first steps to do is generate the installer for Creative Cloud. You can do this by logging into https://adminconsole.adobe.com/ and selecting Packages at the top.
Once in here select create a package and select Managed package.
Select all the options you need within here such as locale
From here select Photoshop, I know this one works and to be fair most people using the cloud apps will need this. I did try Adobe Reader but again for some reason the install would fail
In this next screen it will confirm the application selected. Use a name that will be displayed on AirWatch, for example, I used Adobe Cloud to make it obvious to my users. It appears that you cannot change this in the main console which would be a nice feature to see in the future.
Once the package has built, download this if it doesn’t start automatically. You will now need the VMware AirWatch Admin Assistant which you can get here. Open this and then drag you Adobe Cloud Install PKG file that is in the build folder of your download from Adobe
The application will sit there for a little while whilst it process the PKG file depending on its size as you may want to push the whole suite. Once it completes it should ask you to reveal this in finder
You should now see a folder with your application name, go into this and it usually has the please edit me at the end
In here you will find a .plist file you need to open this up in an editor and change the unattended_install value to true , I am using Xcode that allows me to select yes. At this stage, you could rename the DMG file and plist to something nicer reflecting this in here but it’s always best to test this as is first
Now due to the size limitation of 200mb at the time of writing this you need to upload the DMG that is within the same folder to a web server you clients can see. I would suggest protecting this still by HTTPS if you can and ensure you have this URL for the next step. In your AirWatch console select Apps & Books from the left and then Native. Within the sub window select App Application
Within this window select upload
In this window select Link and paste the in the URL to your web server hosting this file, select save and continue on the previous window
On the next window we need to upload the plist file you modified so the App Store knows how to install your app, do this by hitting choose file and then locate the file. Once done you will be back at the add application screen and select continue
You should now see the following screen and if possible at this point I add an icon so it doesn’t get the standard AirWatch icon. Fill in your categories and also and other details the like description you want and hit save and assign.
In this screen this selects which users will get the application shown in the app store, Press add assignment and fill in the details you want. I have selected All Devices just for demonstration purposes but do this to a group licensed for Adobe
I have found a bug on this next screen especially on Safari but select the radio button and then save and publish otherwise the assignment may not be saved.
You should now see a list of users this may affect if they are already in the correct groups and press publish
From here head back to the users machine and see if the application now exists, select Install and then confirm the installation
The icon should then change and this next bit can take some time depending on your web server and network
Eventually, this should go green and state installed. If you head into the users application folder you should now see Photoshop and the Creative Cloud Launcher where they can sign in for more applications
So I am going to be honest as many of you know I use Apple devices most the time just down to their simplicity and integrations but recently I have had the chance to use the latest version of AirWatch and a newer based Android Device.
The enrolment process is not quite as slick as iOS where it forces the user to enrol with your companies deployment but it can be as simple as a few taps (7 plus a few more) and a scan of a QR code. You may find as an IT department you still enrol users devices anyway so this won’t bother you that users may try and skip this step. At a guess I am sure some vendors will catch up and have a portal similar to Apple DEP before long.
The actual term for this in the Android world is called “Work Managed” but you will need to ensure you have your Google for Work set up before you do this or you won’t be able to push any applications to the device. This can also negate the need for the Google Play store on the device and your users needing separate accounts or everyone sharing a department account. I will do a separate post on the Android at Work as this also offers some great features.
But back to the enrolment, its as simple as open the box, pop the SIM in the phone, power it on. From here tap ‘Welcome’ 7 times and this will then take you to a hidden screen. Join the WiFi to save data if you wish and then this will download a QR reader. You will need to generate your own code using this guide from here and I found leaving the username password as it was caused the agent to get confused then ask me for that users credentials so I didn’t have to create unique codes. I used this website to generate my QR code
I used my top level group ID as when the user authenticates this should override this if they are in other smart groups. You can easily find this by going to the top of your organisation and then hovering over the name for a moment and this box will appear
Once you have added a user if you have your profiles and apps set up they should start streaming down to the device. I do certainly like the fact Boxer can be setup to auto configure from the user who enrolled and all they then need to put in is their password to start getting their emails. This is also quite nice if you wish to offer a BYOD or let user have their personal account on their phone as the in built client can then provided segregation.
The hidden power of doing it this way is when the user leaves despite being a good or bad leaver if the device is reset you can get back into it as the device is managed by the organisation. I have seen many devices been handed back into IT that have personal Google account on of which we can then not reactivate the device easily without the leavers details.
If you want to learn more about AirWatch I am going to be doing a series of posts or head over here for more information
So early this week as I made aware of a new addition to VRDCEX and its a gameification update, and Oh boy is it fun! I took some time to get something up as well my first attempt nearly involved in a light fixture being removed! I think this is mainly down to the way the depth perception happens with the Mixed reality headsets
So just as a major tip for anyone with an Oculus there is a tiny ‘hack’ that allows for better 3D awareness. Put one sensor directly in front of you and one behind. Restart the calibration in the Oculus setup and it will say they should be at 45 degree angles but just hit proceed. When you have to align the PC just do this to the front sensor. Ideally you should have a 3rd sensor but I have found this seems to work OK for this and a few other games. I found that before I did this, during the gameplay the headset would spin rapidly. This obviously make its harder and I ended up dropping VMs or throwing them in the wrong place.
So my highest score so far is 298 and a shame as I dropped one of the last few VMs and would have broke the 300 mark. I tried again a few times even with the setup above and I just couldnt do it! I must have peaked on my 3rd attempt but did average around the 260 mark.
So in preparation for Ravello Bloggers Day #2 tomorrow I thought I would write up a quick blog post and its crazy to think I can do this 11,582m up in the clouds, ironically what tomorrow is all about. There is good reason why I selected the picture for my post and that is the clouds and landscape are amazing on our planet (as I glanced out the window writing this) and the same can be said out the technology too but as engineers,architects & even humans do we even stop to marvel in either of their beauties?
Before I waffle I have to thank John, Kat & Amy along with the rest of their team for letting be be a delegate and having this great opportunity! I feel rather honoured to be able to do this and to be in a room full of great minds!
We are all now so used to be connected 24/7 and able to communicate worldwide (or even in the sky) within the blink of an eye do but we ever consider how all of this is possible and even what about all the legacy systems that may well be holding up this amazing platform
I know first-hand from this week I have already experienced in my new role asking different questions than I usually would. How does this scale, can I do this as code or even infrastructure as code even down to how can I back that state up or even its residing data. Much like my last point we expect data everywhere now and we want easy access no VPNs or multiple credentials and let’s be fair AD domains are still the easiest single sign on for users but how do we extend all our traditional services to our users.
My one prime example is a file server as this seems to have come up several times, yes we could implement things like Microsoft Teams/OneDrive or Citrix ShareFile but you will still get users that will want their home folder and their drive letters no matter how hard you try to escape this for at least a few years yet. I know some of this is business process but then what about our apps some of these just aren’t going to change overnight and use storage such as S3.
I think even if I wanted to deploy this in the cloud even somewhat traditionally I would certainly have more than one cloud and then have them connected in some form. Then the question is how well are my apps going to run up there or does this cause a licensing nightmare. Again, I am still speaking with some vendors now and they still have a server client approach with HTML or web based on the way. Does that then mean I need to push my clients to the cloud or just an element and deliver this as a seamless remote application with RDS, Citrix or VMware Horizon.
I know myself along with the company want to adopt a cloud first approach but are we able to tackle all of our day to day challenges yet or do we just have to think cleverly.
I can only speak for myself, but I am truly excited to see what the team have achieved over the last year of somethings I may have missed. I know I will certainly be digging more into the lift and shift as this is a great way to cuddle our legacy apps and maybe even edge cases like SAP or JAVA apps. It would also be great to get a better understanding of how we can now back up their bare metal offerings and if any further hypervisors may be officially support. I know have seen some great VMware and Nutanix posts out there but it would be great to see what they think of this. A great DIY custom albeit not officially supported VMware cloud maybe?
So recently I have made one of my scripts a bit more user friendly with PowerShell that uses Nexmo as an SMS Gateway. I am hoping to keep working on this and hope it helps the community out too. I have written this in such a way that you can pass outputs from other scripts or monitoring software! My primary reason was to let users or manager know an application was down or we had maintenance
I still hope to do a few more bits for this over time
Ability to pull in a CSV or file to text users if AD is offline
Better granular monitoring/output if you send from multiple aliases eg infrastructure, storage team, etc
Write a module for vCheck for better integration
Suppress the outputs on screen and maybe have a switch for this
Write another health script for my new Nutanix cluster and output errors via this
Maybe try two way interaction to allow response from listed number to run a restart of a service
Either way the script is held here over at GitHub so keep and eye on here for any updates
I have tried to do my best to allow for numbers to be held in multiple ways in AD such as +44 or with a leading 0 or not and the scripts responds accordingly
So we started the new year with a bang and I have a whole post about the 1st LonVMUG anyway but I thought I would get this up and online. I did my 1st ever ’45 minute’ session and I am sure I now have the bug… I am already thinking what can I do next if the committee will let me back
It was a great session and it was nice with it being interactive as I have already fed some of the ideas back but here were a few of the top ones. The main thing to stress is this was done on a HP mixed reality headset so these are far more affordable than the Oculus and the Vive so anyone can give it a go. Also due to the app it does run on quite a few machines.
Try and make it AR compatible, maybe so you can see the hosts in front of you
Read a QR code from a device to get an exploded view
View stats or performance metrics within the experience
One great one from the community was to use this for training and the ability to dive into devices and make it interactive or even allow for remote training.
This tweet did also amuse me but I don’t think Pat has anything to worry about
